On Dec 22, 2010, at 7:35 PM, Derek Yarnell wrote:
> On 12/22/10 8:38 PM, Patrick wrote:
>>
>> On Dec 22, 2010, at 5:18 PM, Derek Yarnell wrote:
>>
>>> So I was asked a bit about implications of distributing something
>>> sensitive through puppet. After a client talks to the puppet server
>>> (giving its local facts) and retrieves its catalog is the client allowed
>>> to fetch resources that may not be defined in its catalog?
>>>
>>> For example if someone is crafty and has compromised a client can they
>>> retrieve a file from the file server that was not in their catalog? Or
>>> can this only be secured by the file server IP acls
>>> (if you really call that secure)?
>>
>>
>> Just to confirm that. Any client with a valid certificate can get any file
>> in any "files" directory unless you make changes. Templates are different
>> because the templates are put into the catalog, so a client can only use
>> templates you use in the catalog.
>>
>
> Ok so is the only way to secure the files via IP/hostname or am I
> missing something in the auth.conf?

I think you can use wildcards in your hostnames which might help.

I know of two other indirect ways to secure files.

1) Use "source" and the file() function to embed the files in the catalog
instead of putting them in a "files" folder. Templates do the same thing.

2) Tinker with /etc/puppet/fileserver.conf to add private mounts like this:

Add this to fileserver.conf:

    [private]
    path /etc/puppet/private/%d/%h
    allow *

Now, when a client with a certificate name of server.example.com asks for
puppet:///private/ it will get /etc/puppet/private/example.com/server/
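
The per-host mount from the reply above, modelled as an added example that is not part of the original thread and is not Puppet's own code: it expands %d and %h from the certificate name as described there and checks that a requested path stays inside that client's directory. The function names, certnames and file paths are constructed for illustration, and the certname is assumed to contain at least one dot.

```ruby
require 'pathname'

# Mount template taken from the fileserver.conf snippet in the thread.
MOUNT_TEMPLATE = '/etc/puppet/private/%d/%h'

# Expand %h (short host name) and %d (domain) from a certificate name,
# following the mapping given in the thread:
#   server.example.com -> /etc/puppet/private/example.com/server
# Hypothetical helper; rejects certnames that could inject path characters.
def mount_root(certname, template = MOUNT_TEMPLATE)
  unless certname =~ /\A[a-z0-9-]+(\.[a-z0-9-]+)+\z/i
    raise ArgumentError, "unexpected certname: #{certname.inspect}"
  end
  host, domain = certname.split('.', 2)
  template.gsub(/%[hd]/, '%h' => host, '%d' => domain)
end

# Resolve a request for puppet:///private/<relative> made by <certname>.
# Returns the absolute path, or nil if the request would leave that
# client's own directory (for example via "../" or an absolute path).
def resolve_private(certname, relative)
  root = Pathname.new(mount_root(certname))
  full = (root + relative).cleanpath
  inside = full.to_s == root.to_s || full.to_s.start_with?(root.to_s + '/')
  inside ? full.to_s : nil
end

if $PROGRAM_NAME == __FILE__
  # Constructed requests: the same URL path maps to a different directory
  # for each certificate, and a traversal attempt is refused.
  [['server.example.com', 'ssl/key.pem'],
   ['db.example.com',     'ssl/key.pem'],
   ['server.example.com', '../db/ssl/key.pem']].each do |cert, rel|
    puts "#{cert} #{rel} -> #{resolve_private(cert, rel).inspect}"
  end
end
```
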