From 52e9209491dee6a0c63edaa770b8601092248283 Mon Sep 17 00:00:00 2001
From: Toshio Kuratomi <toshio@fedoraproject.org>
Date: Mon, 21 Mar 2016 14:17:53 -0700
Subject: Don't create world-readable module and tempfiles without explicit
 user permission

---
 lib/ansible/constants.py | 1 +
 1 file changed, 1 insertion(+)

(limited to 'lib/ansible/constants.py')

diff --git a/lib/ansible/constants.py b/lib/ansible/constants.py
index ea4f909cf5..1a9cbbce73 100644
--- a/lib/ansible/constants.py
+++ b/lib/ansible/constants.py
@@ -165,6 +165,7 @@ DEFAULT_VAR_COMPRESSION_LEVEL = get_config(p, DEFAULTS, 'var_compression_level',
 # disclosure
 DEFAULT_NO_LOG           = get_config(p, DEFAULTS, 'no_log', 'ANSIBLE_NO_LOG', False, boolean=True)
 DEFAULT_NO_TARGET_SYSLOG   = get_config(p, DEFAULTS, 'no_target_syslog', 'ANSIBLE_NO_TARGET_SYSLOG', False, boolean=True)
+ALLOW_WORLD_READABLE_TMPFILES = get_config(p, DEFAULTS, 'allow_world_readable_tmpfiles', None, False, boolean=True)
 
 # selinux
 DEFAULT_SELINUX_SPECIAL_FS = get_config(p, 'selinux', 'special_context_filesystems', None, 'fuse, nfs, vboxsf, ramfs', islist=True)
-- 
cgit v1.2.1