Hi Sean, On Wed, 2013-04-10 at 07:13 -0400, Sean Millichamp wrote: > On Sun, 2013-04-07 at 14:07 +0200, Peter Meier wrote: > > > I think that this should be done without modifying the > > > Puppet::Node class/object and instead we just inject this one top > > > level variable in the compiler. > > > > And we need to ensure, that it can't be overwritten by any client > > sending a fact called trust. But I think that's quite obvious ;) > > I like the overall idea being discussed, but perhaps another / > additional approach would be to put facts in their own variable too. > > Instead of $::operatingsystem > You have $::fact['operatingsystem'] > > It would be easy to provide backwards compatibility (just expose both > names) and also easy to provide a configuration option for a > transitional period. Then it would be simple for people to remember: if > you are grabbing data from $::fact, treat it as untrusted. > > Just a thought...
That's something I'm trying to push for more than 1 year, you'll find my attempt and its counter-arguments in the following bug: https://projects.puppetlabs.com/issues/11915 Somehow this wasn't that well received :) Feel free to upvote accordingly. -- Brice Figureau My Blog: http://www.masterzen.fr/ -- You received this message because you are subscribed to the Google Groups "Puppet Developers" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at http://groups.google.com/group/puppet-dev?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
