security guidelines for ansible role creators?
23 views
Skip to first unread message
nusenu
Feb 6, 2016, 8:24:11 AM2/6/16
to Ansible Project
Hi,
are there security guidelines for ansible role creators found somewhere
that lists common security pitfalls that one should look at to avoid
things like [1][2] and other such cases?
thanks!
[1]https://github.com/nusenu/ansible-relayor/commit/09f9afe7096395cb95310b8fb454c2b640ed17d9
[2]
https://github.com/nusenu/ansible-relayor/commit/d0a969fabe731e8f20dad074ec772ec12faaab7b#diff-0ab2a3945984f21ca36ce37d625d716cR147
are there security guidelines for ansible role creators found somewhere
that lists common security pitfalls that one should look at to avoid
things like [1][2] and other such cases?
thanks!
[1]https://github.com/nusenu/ansible-relayor/commit/09f9afe7096395cb95310b8fb454c2b640ed17d9
[2]
https://github.com/nusenu/ansible-relayor/commit/d0a969fabe731e8f20dad074ec772ec12faaab7b#diff-0ab2a3945984f21ca36ce37d625d716cR147
Brian Coca
Feb 6, 2016, 11:48:28 AM2/6/16
to Ansible Project
None Ansible specific, just follow good security practices you would
with any other systems.
Most of it boils down to validating and sanitizing your inputs and try
to avoid injection by quoting and escaping as the context requires it.
Also try to always use the least privilege needed and disclose as
little information as possible.
--
Brian Coca
with any other systems.
Most of it boils down to validating and sanitizing your inputs and try
to avoid injection by quoting and escaping as the context requires it.
Also try to always use the least privilege needed and disclose as
little information as possible.
--
Brian Coca
Reply all
Reply to author
Forward
0 new messages