On Tue, Sep 17, 2013 at 06:18:48AM -0700, jcbollinger wrote:
>
>
> On Tuesday, September 17, 2013 1:20:40 AM UTC-5, huangm...@gmail.com wrote:
> >
> > I want the puppetmaster can sign the manifest. avoid some guys publish
> > dangerous manifest to agent. like exec{"foo": command=>"rm / -rf";}
> >
> >
> Sure, but signed manifest code also just verifies (with reasonable
> confidence but not absolute certainty) that the manifests were signed by a
> particular authority. It's not qualitatively different in that respect;
> it's just a question of how great your trust in the signer can or should be.
>
Ahh, but many is the time I wished we had a signing mechanism for forge
modules.
--
-ashley
Did you try poking at it with a stick?
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users.
For more options, visit https://groups.google.com/groups/opt_out.
