chef-dev - [chef-dev] How Secure is an encrypted data bag, really?

Subscribers: 756
Owners
Adam Jacob
Bryan McLellan
Joshua Timberman
Nathen Harvey
Seth Chisamore
Serdar Sutay

Subscribe
Unsubscribe
Info
Archive

Post

RSS
Shared documents

Chef Developers

[chef-dev] How Secure is an encrypted data bag, really?

From: Bryan Taylor < >
To: " Dev" < >
Subject: [chef-dev] How Secure is an encrypted data bag, really?
Date: Fri, 4 Oct 2013 05:23:34 +0000
Accept-language: en-US

If an attacker gains access to the chef server, can they not alter cookbook code that chef clients eventually run to obtain the data bag decryption keys this way? Is there any protection against this? If not, are there still scenarios where the encryption does add value?

[chef-dev] How Secure is an encrypted data bag, really?, Bryan Taylor, 10/03/2013
- [chef-dev] Re: How Secure is an encrypted data bag, really?, Joshua Miller, 10/03/2013
  - [chef-dev] Re: How Secure is an encrypted data bag, really?, Bryan Taylor, 10/03/2013
    - [chef-dev] Re: How Secure is an encrypted data bag, really?, Joshua Miller, 10/04/2013
- [chef-dev] Re: How Secure is an encrypted data bag, really?, Noah Kantrowitz, 10/04/2013
  - [chef-dev] Re: How Secure is an encrypted data bag, really?, Bryan Taylor, 10/04/2013
- [chef-dev] Re: How Secure is an encrypted data bag, really?, Peter Loron, 10/04/2013