Ansible 1.4.5 is now available, and addresses a local security issue involving fireball/accelerate keys, where those keys (and the directory containing them) might be created with permissions that were too open if the system had a permissive umask set by default. This issue affects controlling nodes only, and does not have any impact on end-point systems.
With this update, Ansible will also refuse to use keys that have permissions that are too open (similar to the way SSH works). If you see an error message regarding this, ensure that the ~/.fireball.keys directory permissions are 0700, and any files contained within are set to 0600. This update should be available via PyPI as well as a tar download from http://releases.ansible.com/ansible/. Packages for various distributions will be available as soon as possible. If you have any questions, let us know. Thanks! -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. For more options, visit https://groups.google.com/groups/opt_out.
