On Sat, Mar 28, 2020 at 7:31 AM Henrik Lindberg <[email protected]> wrote:
> On 2020-03-28 02:42, Matt Zagrabelny wrote: > > Greetings, > > > > Suppose I have a class foo that host A gets via its catalog. Suppose > > host B does not have foo in its catalog. Can host B do anything > > malicious to obtain the sensitive data in foo? > > > > My puppet master is using an ENC to generate the classification of each > > host and then a roles + profiles design pattern and hiera for specific > data. > > > > Thanks for any hints or answers! > > > > It is important that your server side logic uses $trusted when > classifying on node since other facts cannot be trusted. > > If B is compromised a malicious user could spoof facts in a request and > pretend to be A. It cannot however spoof the certificate - and it > contains the information that is in $trusted. > > Hey Henrik, Thanks for the reply! Suppose I don't use any facts for classification, but only the ENC assigns a role to the node via its fqdn. Class foo which comes through the role and profiles via the ENC has sensitive files in its "modules/foo/files/" path. Can B obtain those files if B is not classified to have foo in its catalog? Thank you for the help! -m -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CAOLfK3VJytS_F%2Ban0dr-ya4Vf4GuhAxAYDS%2BbkudM8L6YzmuWw%40mail.gmail.com.
