Issue #1154 has been updated by James Turnbull. Assigned to deleted (Puppet Community)
---------------------------------------- Feature #1154: Allow signed manifests to eliminate single point of compromise http://projects.reductivelabs.com/issues/1154 Author: Jeff Goldschrafe Status: Accepted Priority: Normal Assigned to: Category: newfeature Target version: Complexity: Unknown Patch: None Affected version: 0.24.4 Keywords: Puppet, like all configuration management systems, suffers from the possibility of being a single point of compromise, allowing arbitrary instructions to be run on all hosts accessing the Puppetmaster if a malicious manifest is crafted. Since the goal of Puppet more or less necessitates Puppet running as root on client systems, the amount of damage capable of being inflicted on client nodes is virtually limitless, and some optional extra precautions should be provided in order to limit the damage capable of being caused by a single rooted Puppetmaster. Signed manifests appear to be the easiest and most intuitive way to accomplish this. Like GPG-signed packages, they ensure that Puppet manifests have come from an authenticated source. By verifying the signature on manifests coming from the server, clients may verify that packages have been approved by the organization owning the Puppet server. -- You have received this notification because you have either subscribed to it, or are involved in it. To change your notification preferences, please click here: http://reductivelabs.com/redmine/my/account --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Puppet Bugs" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/puppet-bugs?hl=en -~----------~----~----~----~------~----~------~--~---
