python-terraform
python-terraform copied to clipboard
Security issue with credentials vars file leftover in /tmp/ folder
Security issue with credentials vars file leftover in /tmp/ folder in case of error.
My environment details: Provider: OpenStack Terraform Server: 0.11.7 Python_terraform: 0.10.0
My Source Code:
def terraform_plan(self):
object_tf = Terraform(working_dir=self.path)
ret_code, stdout, stderr = object_tf.plan(var={"username":"testuser","password":"xxxxx"}, var_file=vars_file)
With the above code, python terraform client creates a temporary vars file like /tmp/tmppsjFxp for the openstack credentials which gets missed to delete incase of error situation like incorrect working_dir or terraform_vars.tf is provided.
Thanks for this report, I will do some work around cleaning up tmp in the case of errors.