- From: Miguel Cabeça <cabeca@ist.utl.pt>
- To: chef@lists.opscode.com
- Subject: Re: some questions
- Date: Fri, 17 Apr 2009 12:48:10 +0100
Hi,
Chef client will cache all cookbooks available from the Chef server
each time.
Does anyone else see a problem with this? This means any node managed
by a chef server will have access to recipes, files and templates
meant for any other node. If one node is compromised, the attacker will
have access to sensitive data for that node and for any other node
just by looking at the Chef client cache.
I know that the chef server is dumb and all the smarts are on the chef
client by design, but perhaps a smart move would be to give some
recipe processing brains to Chef server. At least to let it make
decisions about what cookbooks to provide to each client based on
"include_recipe" directives.
For now, I'll have to leave my multi-user machines outside of chef
management because of that.
I know that this may not be a big problem for the typical use of Chef
that I'm aware of (Web app server farms), but for my usage scenario
(Computer center of a major University in Portugal, with servers,
multi-user clusters and personal workstations) it is.
What are your thoughts on that?
Best Regards
Miguel Cabeça
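The audit below is an added example, not part of the post above and not Chef's own code. It does on a client what the post asks the server to do: starting from a node's run_list, it follows include_recipe directives through the cached recipes and reports every cached cookbook the node never reaches, which is exactly the material an attacker on that node would otherwise get for free. The cache path, the cookbook layout and the four sample cookbooks are constructed for the demo; point it at your real file_cache_path to check a live node.

```python
"""Audit a Chef client cookbook cache against the node's run_list.

Added example (not from the mailing-list post and not Chef's own code).
Walks include_recipe directives from the run_list and lists cached
cookbooks the node never needs. The cache layout and sample cookbooks
are assumptions constructed for the demo.
"""
import os
import re
import tempfile

# Matches include_recipe "cookbook" or include_recipe "cookbook::recipe"
INCLUDE_RE = re.compile(r'include_recipe\s+["\']([^"\':]+)(?:::([^"\']+))?["\']')


def cookbook_of(item):
    """Turn a run_list entry or include_recipe target into (cookbook, recipe)."""
    item = item.strip()
    if item.startswith("recipe[") and item.endswith("]"):
        item = item[len("recipe["):-1]
    cookbook, _, recipe = item.partition("::")
    return cookbook, recipe or "default"


def needed_cookbooks(cache_dir, run_list):
    """Transitive closure of cookbooks reachable from run_list via include_recipe."""
    needed, seen = set(), set()
    todo = [cookbook_of(i) for i in run_list]
    while todo:
        cookbook, recipe = todo.pop()
        if (cookbook, recipe) in seen:
            continue
        seen.add((cookbook, recipe))
        needed.add(cookbook)
        path = os.path.join(cache_dir, cookbook, "recipes", recipe + ".rb")
        if not os.path.isfile(path):
            continue  # cookbook not cached or recipe missing: nothing to follow
        with open(path) as fh:
            for m in INCLUDE_RE.finditer(fh.read()):
                todo.append((m.group(1), m.group(2) or "default"))
    return needed


def cached_cookbooks(cache_dir):
    """Every cookbook directory the client has pulled into its cache."""
    return {d for d in os.listdir(cache_dir)
            if os.path.isdir(os.path.join(cache_dir, d))}


def excess_cookbooks(cache_dir, run_list):
    """Cookbooks present in the cache that this node's run_list never reaches."""
    return cached_cookbooks(cache_dir) - needed_cookbooks(cache_dir, run_list)


def build_sample_cache():
    """Constructed sample cache: four cookbooks, one of which (dbserver) carries
    a template meant for a different node."""
    cache = tempfile.mkdtemp(prefix="chef-cache-")
    files = {
        "webapp/recipes/default.rb": 'include_recipe "base"\npackage "apache2"\n',
        "base/recipes/default.rb": 'include_recipe "users::admins"\n',
        "users/recipes/admins.rb": 'user "admin"\n',
        "users/recipes/default.rb": "",
        "dbserver/recipes/default.rb":
            'template "/etc/db.conf" do\n  source "db.conf.erb"\nend\n',
        "dbserver/templates/default/db.conf.erb":
            "password = <%= @db_password %>\n",  # constructed sample secret
    }
    for rel, body in files.items():
        full = os.path.join(cache, rel)
        os.makedirs(os.path.dirname(full), exist_ok=True)
        with open(full, "w") as fh:
            fh.write(body)
    return cache


if __name__ == "__main__":
    cache = build_sample_cache()
    run_list = ["recipe[webapp]"]
    print("needed:", sorted(needed_cookbooks(cache, run_list)))
    print("cached but not needed:", sorted(excess_cookbooks(cache, run_list)))
```

On the sample cache a web node with run_list `recipe[webapp]` needs only webapp, base and users, so dbserver (and its password template) is reported as excess. The same closure is what a server-side filter would have to compute before deciding which cookbooks to hand to a given client.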