I just logged a bug http://projects.puppetlabs.com/issues/3556 which
details an issue, where doing:
User["sysadmin", "pleb"] { groups +> "wwwadm" }
unexpectedly gives user pleb ALL of sysadmin's groups... It created
a bit of a security issue for me here, as a bunch of plebs were
suddenly granted sudo rights to all kinds of things merely because I
tried to make a few manifests more concise...
Doing this is safe:
User["sysadmin"] { groups +> "wwwadm" }
User["pleb"] { groups +> "wwwadm" }
I am on 0.25.4, haven't tried other versions yet, just a "heads up!".
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to [email protected].
To unsubscribe from this group, send email to
[email protected].
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
