Forum: CFEngine Help Subject: Re: Allowing access to a subdirectory only from similarly named host Author: neilhwatson Link to topic: https://cfengine.com/forum/read.php?3,23884,23888#msg-23888
Off the top of my head, if you are not manually creating the list then it's not a secure as you think it is. Creating access lists through programming and external data sounds a risky endeavor. Really you've already created the list by creating the directories. Now just duplicate that list to your policy. Since the list is large and ever changing your solution may not scale no matter what you do. My suggestions. 1. Look at it again and re-evaluate. 2. Segregation into larger groups (e.g. subnets) might be more manageable. 3. Is the data really that private that another host can't see it? 4. Segregation by adding more policy hubs. _______________________________________________ Help-cfengine mailing list [email protected] https://cfengine.org/mailman/listinfo/help-cfengine
