[chef] Client privileges


Chronological Thread 
  • From: Anthony Goddard < >
  • To:
  • Subject: [chef] Client privileges
  • Date: Tue, 28 Jun 2011 13:52:09 -0400

Hi All,
I'm poking around at the different privileges for admin / non admin users / clients, mostly with a view to considering what happens if root privileges are gained by a malicious user on a machine that's managed by chef. I know the user can do a lot of queries using the client.pem but can't write changes, though I'm not sure of the specifics.

I'm wondering if there's any more info around (haven't been able to find it on the wiki) regarding exactly what the differences are between admin users and regular users, what privileges a client has etc..


Cheers,
Ant

 



Archive powered by MHonArc 2.6.16.

§