ansible/changelogs/fragments/fix-world-readable-skip-message.yaml
Toshio Kuratomi 8d2c129944 [stable-2.5] Only print warning when ansible.cfg is actually skipped (#43583) (#43649)
Only print warning when ansible.cfg is actually skipped

* Also add unittests for the find_ini_config_file function
* Add documentation on world writable current working directory
  config files can no longer be loaded from a world writable current
  working directory but the end user is allowed to specify that
  explicitly.  Give appropriate warnings and information on how.

Fixes #42388
(cherry picked from commit 30662bedad)

Co-authored-by: Toshio Kuratomi <a.badger@gmail.com>
2018-08-13 18:16:24 -07:00

9 lines
545 B
YAML

---
bugfixes:
- The fix for `CVE-2018-10875 <https://access.redhat.com/security/cve/cve-2018-10875>`_
prints out a warning message about skipping a config file from a world
writable current working directory. However, if the user explicitly
specifies that the config file should be used via the ANSIBLE_CONFIG
environment variable then Ansible would honor that but still print out the
warning message. This has been fixed so that Ansible honors the user's
explicit wishes and does not print a warning message in that circumstance.