From 27fd173e7200cd5ffde5d3d0367d8852747ecc3f Mon Sep 17 00:00:00 2001
From: Matthew Jones <mat@matburt.net>
Date: Thu, 6 Nov 2014 11:17:22 -0500
Subject: [PATCH] Custom inventory script environment variable blacklist

---
 awx/main/tasks.py        | 2 +-
 awx/settings/defaults.py | 2 ++
 2 files changed, 3 insertions(+), 1 deletion(-)

diff --git a/awx/main/tasks.py b/awx/main/tasks.py
index 04718c2af7..64cd1fcd65 100644
--- a/awx/main/tasks.py
+++ b/awx/main/tasks.py
@@ -1052,7 +1052,7 @@ class RunInventoryUpdate(BaseTask):
             pass
         elif inventory_update.source == 'custom':
             for env_k in inventory_update.source_vars_dict:
-                if str(env_k) not in os.environ:
+                if str(env_k) not in os.environ and str(env_k) not in settings.INV_ENV_VARIABLE_BLACKLIST:
                     env[str(env_k)] = unicode(inventory_update.source_vars_dict[env_k])
         return env
 
diff --git a/awx/settings/defaults.py b/awx/settings/defaults.py
index 7e5cf1b64a..1fbd7c27f3 100644
--- a/awx/settings/defaults.py
+++ b/awx/settings/defaults.py
@@ -351,6 +351,8 @@ RAX_GROUP_FILTER = r'^(?!instance-.+).+$'
 RAX_HOST_FILTER = r'^.+$'
 RAX_EXCLUDE_EMPTY_GROUPS = True
 
+INV_ENV_VARIABLE_BLACKLIST = ("HOME", "_")
+
 # ----------------
 # -- Amazon EC2 --
 # ----------------