Skip to content

os_hardening: /tmp privs erroneously apply as 03361 #803

Open
@shaunsmiley-xevo

Description

@shaunsmiley-xevo

Description

It appears that 1777 is interpreted as decimal, and gets converted to 03361 octal.
The workaround is to override these default vars to '01777'.

Reproduction steps

Run the role with defaults.

Current Behavior

TASK [devsec.hardening.os_hardening : Harden permissions for directory of mount /tmp] ***********************************************************************
--- before
+++ after
@@ -1,2 +1,2 @@
-mode: '01777'
+mode: '03361'
 path: /tmp

Expected Behavior

It should keep the 1777 default setting.

OS / Environment

Provide all relevant information below, e.g. target OS versions, network device firmware, etc.

Ansible Version

ansible [core 2.15.9]
...
  python version = 3.11.8 (main, Feb  6 2024, 21:21:21) [GCC 12.3.0]
  jinja version = 3.1.3
  libyaml = True


### Collection Version

```Shell
9.0.1

Additional information

No response

Metadata

Metadata

Assignees

No one assigned

    Labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions