If sudoing to a user other than root, the home directory of the original user is very unlikely to be readable by the

sudoed to user, so just use tmp.  Data will be readable by others (briefly before deletion) but never writeable.
This commit is contained in:
Michael DeHaan 2012-07-27 20:53:50 -04:00
parent aa40c5f3b3
commit fcdc281c28

View file

@ -641,6 +641,8 @@ class Runner(object):
basetmp = os.path.join(C.DEFAULT_REMOTE_TMP, basefile) basetmp = os.path.join(C.DEFAULT_REMOTE_TMP, basefile)
if self.remote_user == 'root': if self.remote_user == 'root':
basetmp = os.path.join('/var/tmp', basefile) basetmp = os.path.join('/var/tmp', basefile)
elif self.sudo and self.sudo_user != 'root':
basetmp = os.path.join('/tmp', basefile)
cmd = 'mkdir -p %s' % basetmp cmd = 'mkdir -p %s' % basetmp
if self.remote_user != 'root': if self.remote_user != 'root':