Pretty much everything in puppet is secured with SSL certificates. If
someone has root access to one of your client machines, they have that
certificate. They can then retrieve anything that that node is allowed to
retrieve, which is generally specified in auth.conf. By default, I think
this includes their own catalog, their own node definition, all files
served by the master process... a few other things.
It shouldn't be able to get at your manifests directly, as those are
compiled before being sent to the client, nor should it be able to get at
hiera data on the master.
On Thursday, May 30, 2013 1:24:27 PM UTC-7, Vladimir Brik wrote:
>
> Hello,
>
> I am trying to better understand the security impact a compromised host
> managed by puppet could have on our infrastructure.
>
> Suppose an attacker gained root on a machine called 'owned', and we have
> this in site.pp:
>
> node owned {
> file {'foo':
> content => 'puppet:///modules/module_name/foo',
> }
> }
>
> Will agent running on 'owned' be able to retrieve:
> - <modulepath>/module_name/files/bar
> - <modulepath>/module_name/manifests
> - hiera data (other than what it's supposed to have access to)
>
>
> Thanks very much,
>
> Vlad
>
>
>
>
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users?hl=en.
For more options, visit https://groups.google.com/groups/opt_out.
