On Tuesday, May 20, 2014 6:55:31 AM UTC-5, Jose Luis Ledesma wrote: > > But, who can run puppet? > > I mean, most puppet configurations needs root, so if someone malicious is > a root which is the point of being able to cheat the environment? He can do > whatever wants. >
Yes, generally speaking, if the target node is compromised so that an attacker can compromise the node facts sent to the master, then the attacker can modify the node as he wants without going through Puppet. Mandatory access controls (e.g. SELinux) can factor into that, but the real risk here is that by spoofing the puppet environment, the attacker might be able to extract information about the organization that otherwise would not be available from the compromised node. In some cases, he might also be able to cause damage or interfere with operations. Generally, I'm inclined to say that sites employing environments should always assign nodes to environments centrally, rather than by relying on agents to declare their own. John -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/fe0e28a3-bdcd-43ff-9ea5-d1fb6877a8b1%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
