There's nothing inherent to CFEngine that would cause it to copy *all* of the ppkeys. Do you perhaps have a copy statement that downloads all of the master's /var/cfengine/ppkeys?
However, the .pub's are not considered secret information -- posessing them gives no special access to anything. I suppose though you could consider it an information-leak as it tells you what other clients are running CFE. -Jason Martin > -----Original Message----- > From: > [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] > org] On Behalf Of trevor obba > Sent: Thursday, September 15, 2005 1:19 PM > To: [email protected] > Subject: cfengine transfer public keys > > so every client machine has 100 other clients public > key in /var/cfengine/ppkeys surely this a security > hole. _______________________________________________ Help-cfengine mailing list [email protected] http://lists.gnu.org/mailman/listinfo/help-cfengine
