win_psexec module is exposing password to output

[jborean93]

From @cuichenli on Nov 18, 2019 05:04

SUMMARY

The win_psexec module is exposing the password and username to output, is that intended? Is there a way to hide it? Thanks!

My playbook:

- name: Psexec
  win_psexec:
    command: >
      powershell.exe 
    session: 1
    wait: yes
    interactive: yes
    username: "username"
    password: "password"

changed: [MYSERVER] => {
	....
    "psexec_command": "psexec64.exe -u username -p password -i 1 -accepteula powershell.exe",
  	....

ISSUE TYPE

• Bug Report

COMPONENT NAME

win_psexec

ANSIBLE VERSION

ansible 2.8.5
python version = 3.7.3 (default, Apr  3 2019, 05:39:12) [GCC 8.3.0]

OS / ENVIRONMENT

Host OS : Linux
Target OS: Windows

Copied from original issue: ansible/ansible#64978

[jborean93]

From @ShachafGoldstein on Nov 18, 2019 13:24

We can make a patch to replace the password in the output with *PASSWORD_REPLACED* but if someone would need to see if the password value was formatted correctly they couldn't.

[kroov]

Any updates?
Password should not be in module output.