Close a race condition with temporary files

The previous code allowed a race where an attacker could watch for creation of a rapid creation and deletion of a temporary directory, substitute their own directory at that name, and then have access to ansible-runner's private_data_dir the next time ansible-runner made ues of the private_data_dir. This code fixes the issue by creating the directory securely using mkdtemp() and not deleting it afterwards.
ansible · Jun 28, 2021 · 766fb5f · 766fb5f
1 parent cd6b999
commit 766fb5f
Showing 1 changed file with 2 additions and 2 deletions.
diff --git a/ansible_runner/streaming.py b/ansible_runner/streaming.py
@@ -73,7 +73,7 @@ def __init__(self, _input=None, _output=None, **kwargs):
 
         private_data_dir = kwargs.get('private_data_dir')
         if private_data_dir is None:
-            private_data_dir = tempfile.TemporaryDirectory().name
+            private_data_dir = tempfile.mkdtemp()
         self.private_data_dir = private_data_dir
 
         self.status = "unstarted"
@@ -164,7 +164,7 @@ def __init__(self, _input=None, status_handler=None, event_handler=None,
 
         private_data_dir = kwargs.get('private_data_dir')
         if private_data_dir is None:
-            private_data_dir = tempfile.TemporaryDirectory().name
+            private_data_dir = tempfile.mkdtemp()
         self.private_data_dir = private_data_dir
         self._loader = ArtifactLoader(self.private_data_dir)