[chef] Re: Chef Server security


  • From: Adam Jacob
  • Subject: [chef] Re: Chef Server security
  • Date: Fri, 30 May 2014 09:17:40 -0700

Right. The tl;dr is that the Chef Server is a publishing platform - you publish content to it, and it distributes that content to the clients who need it. The security of that content relies on validating that the submitter is identified with a private key, that the requests they made were authorized, and that the checksums match (which is built into the way the server stores and retrieves cookbook data). If the Chef Server is compromised, all bets are of course off - you can manipulate the content that gets distributed directly. This is no different than any other distribution platform - if you can take control of the origin, you can manipulate what is distributed.

Best,
Adam


On Fri, May 30, 2014 at 5:14 AM, James Le Cuirot wrote:
Hello all,

I used Chef a long time ago and am now bringing it into my new job
where security is a bigger priority. I've seen stuff like chef-vault,
which is great, but I'm finding very little about how clients could be
abused if the Chef Server is compromised, i.e. cookbooks being modified
and such. It seems like just about anything could happen. Maybe the
answer is simply "defend your Chef Server like Fort Knox" but I
expected to see more discussion to that effect.

Obviously Chef is used by some massive players around the world and I'm
not claiming that our security needs are somehow greater than theirs
but I still feel this is a valid concern. Some opinions would be
appreciated.

Regards,
James



--
Opscode, Inc.
Adam Jacob, Chief Dev Officer
T: (206) 619-7151
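
The trust chain described in the reply above (publisher identity by private key, authorization, checksum match, and the limit of all three once the origin itself is controlled) can be modelled in a few lines. This is an added example, not part of the original thread and not Chef's wire protocol or code; the class `PublishingServer`, the helper names and the SHA-256/RSA choices are assumptions made for illustration.

```ruby
require "openssl"
require "digest"

# Simplified model of a publishing server (hypothetical; not Chef's wire protocol).
class PublishingServer
  attr_reader :store, :manifest

  def initialize
    @keys = {}      # publisher => registered public key
    @acl = {}       # publisher => cookbooks they may upload
    @store = {}     # checksum => content (content-addressed)
    @manifest = {}  # "cookbook/path" => checksum
  end

  def register(name, public_key, cookbooks)
    @keys[name] = public_key
    @acl[name] = cookbooks
  end

  # Accept an upload only if identity, authorization and checksum all hold.
  def publish(name, id, content, signature)
    key = @keys[name]
    return :unknown_publisher unless key
    sum = Digest::SHA256.hexdigest(content)
    digest = OpenSSL::Digest.new("SHA256")
    return :bad_signature unless key.verify(digest, signature, "#{id}:#{sum}")
    return :forbidden unless @acl[name].include?(id.split("/").first)
    @store[sum] = content
    @manifest[id] = sum
    :ok
  end
end

# Publisher side: sign the object id plus the checksum of its content.
def sign_upload(private_key, id, content)
  sum = Digest::SHA256.hexdigest(content)
  private_key.sign(OpenSSL::Digest.new("SHA256"), "#{id}:#{sum}")
end

# Client side: recompute the checksum of whatever the server returned.
def fetch(server, id)
  sum = server.manifest[id]
  content = server.store[sum]
  content && Digest::SHA256.hexdigest(content) == sum ? content : nil
end

# Whoever controls the origin can replace content and checksum together.
def rewrite_at_origin(server, id, content)
  sum = Digest::SHA256.hexdigest(content)
  server.store[sum] = content
  server.manifest[id] = sum
end
```

In this model the client's checksum comparison catches a stored object that no longer matches its manifest entry, but it accepts anything written through `rewrite_at_origin`, because the checksum it compares against comes from the same server.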


