Issue #1981 has been updated by Paul Nasrat.
I've been thinking about this, we have a core set of facts that facter handles, a bunch of things that depend on them for confines (particularly operating system, etc) and then custom facts. I think we should keep the ability to override (sometimes useful for allowing users to patch in fixes to facts without touching the install), but also be able to turn that off see also Issue #4551. We should be able to audit the resolution path and warn (this goes into adding logging to facter) when we're overriding particular values. ---------------------------------------- Feature #1981: Facter should support designating values as untrusted http://projects.puppetlabs.com/issues/1981 Author: Luke Kanies Status: Accepted Priority: Normal Assigned to: Category: Target version: Keywords: Branch: As we make it easier to inject data into Facter, it's quite possible that a normal user could eventually be given the right to add data to Facter. This presents the possibility of a normal user affecting the behaviour of Puppetd, effectively providing a means of exploit. We need some way to either only allow values provided by root, or a way of designating values as trusted vs. untrusted. Then Puppet probably needs some way to support the difference, ignoring untrusted values or something similar. -- You have received this notification because you have either subscribed to it, or are involved in it. To change your notification preferences, please click here: http://projects.puppetlabs.com/my/account -- You received this message because you are subscribed to the Google Groups "Puppet Bugs" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/puppet-bugs?hl=en.
