Review for new rbac_playbook
Tim Flink
tflink at redhat.com
Thu Jun 5 01:45:23 UTC 2014
I've been working to rewrite and extend the script that we've been
using to control playbook execution for folks who are not in
sysadmin-main.
https://bitbucket.org/tflink/rbac-ansible
I've been testing the script but before we actually start using it on
lockbox01, I'd appreciate a review of the code to make sure I didn't
miss any security holes.
Injection attacks shouldn't be an issue due to usage of os.execv - all
injection attempts are grouped as a single argument and will not be
broken up.
Tim
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 490 bytes
Desc: not available
URL: <http://lists.fedoraproject.org/pipermail/infrastructure/attachments/20140604/bd2f817c/attachment.sig>
More information about the infrastructure
mailing list