binford2k (Contributor)

Under some fairly obscure conditions, defaulting the server setting to
'puppet' can be a security concern. Because the worst case scenario
involves a user accidentally running `puppet agent -t` on an untrusted
network, this PR removes the default completely when non-root.
Otherwise, it just prints a deprecation warning.

Fixes https://github.com/voxpupuli/security-tracking/issues/22

@binford2k (Contributor Author)

fwiw, I'm not actually happy with this solution. It means that in a completely serverless workflow, you'll have spurious warnings in the logs like such. I'll try to find a better way later, after we decide if this is a good idea or not.

$ sudo puppet apply /tmp/site.pp
Warning: OpenVox will not default to `server=puppet` as of version 9.0. Please update your configuration appropriately.
   (location: /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/defaults.rb:1659:in `block in initialize_default_settings!')
Notice: Compiled catalog for lilith.local in environment production in 0.00 seconds
...

This moves the check and warnings to the http service so it only screams
if you actually use it. This avoids, for example, the spurious
deprecation message when running `puppet config set` to set this in the
first place!
@binford2k (Contributor Author)

I moved the check and warnings to the http service so it only screams if you actually use it. This avoids, for example, the spurious deprecation message when running `puppet apply`, or even `puppet config set` to set it in the first place!
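The design point in the two comments above (refuse the implicit `server=puppet` fallback for a non-root agent, warn a root agent, and do either only at the moment a connection is actually needed so that `puppet apply` and `puppet config set` stay silent) can be shown in a small standalone model. This is an added illustration, not code from the pull request or from Puppet/OpenVox; the `ServerSettings` class, the `root:` flag, the `simulate_*` helpers and the host name are all constructed for the example.

```ruby
# Added illustration (not the PR's code): resolve the agent server lazily,
# at connection time, instead of at settings-initialization time.
class ServerSettings
  # Historical implicit default that the PR is deprecating.
  LEGACY_DEFAULT = 'puppet'.freeze

  attr_reader :warnings

  # explicit_server: value from puppet.conf or the CLI, nil when unset
  # root: whether the process runs as root (hypothetical flag for the model)
  def initialize(explicit_server: nil, root: true)
    @explicit = explicit_server
    @root = root
    @warnings = []
  end

  # Only the code path that is about to open an HTTP connection calls this.
  # Returns the server name, or raises when no acceptable value exists.
  def server_for_connection
    return @explicit unless @explicit.nil? || @explicit.empty?

    # Non-root with nothing configured: no fallback at all, fail closed.
    unless @root
      raise ArgumentError,
            "no server configured; refusing to fall back to '#{LEGACY_DEFAULT}' for a non-root agent"
    end

    # Root with nothing configured: keep the old behaviour but warn, once per use.
    @warnings << "OpenVox will not default to `server=#{LEGACY_DEFAULT}` as of version 9.0. " \
                 'Please update your configuration appropriately.'
    LEGACY_DEFAULT
  end
end

# Simulated `puppet agent -t`: the only flow that needs a server.
def simulate_agent_run(settings)
  host = settings.server_for_connection
  { host: host, warnings: settings.warnings.dup }
end

# Simulated `puppet apply`: compiles locally and never asks for a server,
# so no warning is ever emitted regardless of how server is configured.
def simulate_apply_run(settings)
  { host: nil, warnings: settings.warnings.dup }
end

if __FILE__ == $PROGRAM_NAME
  p simulate_agent_run(ServerSettings.new(root: true))
  p simulate_apply_run(ServerSettings.new(root: true))
  begin
    simulate_agent_run(ServerSettings.new(root: false))
  rescue ArgumentError => e
    puts "refused: #{e.message}"
  end
end
```

The important property is where the check lives: because nothing in `initialize` touches `LEGACY_DEFAULT`, a serverless workflow never sees the message that the earlier revision printed on every `puppet apply`.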
