Issue #7437 has been reported by Raz MaTaz. ---------------------------------------- Bug #7437: Fileserver needs security documentation https://projects.puppetlabs.com/issues/7437
Author: Raz MaTaz Status: Unreviewed Priority: Normal Assignee: Category: documentation Target version: Affected Puppet version: Keywords: Branch: A simple yet critical question that I couldn't find an answer for neither in the puppet docs, nor on google, nor on IRC: When fileserver.conf contains an `allow *`-line, will that allow any arbitrary host to download files from that fileserver-section? Or will puppet verify the SSL certificate before allowing connections to the fileserver? When using puppet to manage cloud-servers then it's near inevitable to set `allow *` for all fileserver sections. Is puppet secure with such a configuration? -- You have received this notification because you have either subscribed to it, or are involved in it. To change your notification preferences, please click here: http://projects.puppetlabs.com/my/account -- You received this message because you are subscribed to the Google Groups "Puppet Bugs" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/puppet-bugs?hl=en.
