c231d939ea
There are actions undertaken by action plugins in normal ansible that allow for executing code on the host that ansible is executing on. We do not want to allow that for untrusted code, so add a set of action plugins that override the upstream ones and simply return errors. Additionally, we can trap for attempts to execute local commands in the normal action plugin by looking at remote_addr, connection and delegate_to. Change-Id: I57dbe5648a9dc6ec9147c8698ad46c4fa1326e5a |
||
---|---|---|
.. | ||
action | ||
library | ||
__init__.py | ||
paths.py |