Refactor #13643

The use of FileUtils.rm_rf should be made secure

Added by Kelsey Hightower almost 3 years ago. Updated almost 3 years ago.

Status: Closed
Start date: 04/05/2012
Priority: Normal
Due date:
Assignee: Kelsey Hightower
% Done:
Target version: 2.7.14
Affected Puppet version: 2.7.12
Branch:
Keywords: geordi cleanup

All uses of the FileUtils.rm_rf method should be made secure by setting the :secure option to true.

From the online docs:

This method causes local vulnerability if one of parent directories or removing directory tree are world writable (including /tmp, whose permission is 1777), and the current process has strong privilege such as Unix super user (root), and the system has symbolic link. For secure removing, read the documentation of remove_entry_secure carefully, and set :secure option to true. Default is :secure=>false.

NOTE: This method calls remove_entry_secure if :secure option is set.
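
The following is an added example, not Puppet's code and not part of the original ticket. It shows one way to call FileUtils.rm_rf with the :secure option and still learn whether the removal happened, since rm_rf implies :force. The helper names secure_rm_rf and demo and the directory layout are assumptions made for illustration.

```ruby
require 'fileutils'
require 'tmpdir'

# Hypothetical helper (not Puppet's code): remove a tree with :secure set
# and report the outcome instead of relying on rm_rf's silent :force.
def secure_rm_rf(path)
  full = File.expand_path(path)
  parent = File.stat(File.dirname(full))
  # remove_entry_secure cannot work when the parent is world writable
  # without the sticky bit; refuse up front so the caller hears about it.
  if parent.world_writable? && !parent.sticky?
    raise ArgumentError, "unsafe parent directory for #{full}"
  end
  FileUtils.rm_rf(full, secure: true)
  # rm_rf is rm_r with force: true, so a failed removal is not reported.
  # File.symlink? also catches a dangling symlink left at the path.
  !(File.symlink?(full) || File.exist?(full))
end

# Constructed demo: a tree holding a symlink to a directory that must survive.
def demo
  Dir.mktmpdir('rmrf-demo') do |base|
    keep = File.join(base, 'keep')
    tree = File.join(base, 'work', 'tree')
    FileUtils.mkdir_p([keep, File.join(tree, 'sub')])
    File.write(File.join(keep, 'data.txt'), 'important')
    File.write(File.join(tree, 'sub', 'junk.txt'), 'x')
    File.symlink(keep, File.join(tree, 'link'))

    removed = secure_rm_rf(tree)
    survived = File.read(File.join(keep, 'data.txt')) == 'important'

    # Same call under a world-writable parent without the sticky bit.
    FileUtils.mkdir_p(tree)
    File.chmod(0o777, File.dirname(tree))
    refused = begin
      secure_rm_rf(tree)
      false
    rescue ArgumentError
      true
    end
    { removed: removed, target_survived: survived,
      refused: refused, still_there: File.directory?(tree) }
  end
end

p demo if $PROGRAM_NAME == __FILE__
```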


#1 Updated by Kelsey Hightower almost 3 years ago

  • Status changed from Accepted to In Topic Branch Pending Review
  • Branch set to

#2 Updated by Anonymous almost 3 years ago

  • Status changed from In Topic Branch Pending Review to Merged - Pending Release
  • Target version changed from 2.7.x to 2.7.14

#3 Updated by Matthaus Owens almost 3 years ago

  • Status changed from Merged - Pending Release to Closed

Released in Puppet 2.7.14rc1
