[Pkg-puppet-devel] Bug#778891: Bug#778891: puppet: systemd unit file does not load environment from /etc/default/puppet - breaks upgrades
Rik Theys
Rik.Theys at esat.kuleuven.be
Mon Feb 23 12:28:30 UTC 2015
Hi,
On 02/23/2015 11:56 AM, Stig Sandbeck Mathisen wrote:
>> I'm not going to add it back, but unless I'm missing something in the
>> scenario I've outlined above, I don't agree there are no security
>> implications here.
>
> There is a bug, which should be fixed. I've upgraded it to "serious"
> again, so it is "release critical".
Thanks. Can you also remove the 'wontfix' tag?
> There are security implications, but as it needs administrative
> privileges to your DNS server or physical access to your network to
> exploit. (Or, you need to place your laptop running puppet on a hostile
> network, which is more likely.)
In our environment we have systems managed centrally and systems managed
by research groups but they share the same dns domain. I don't think
they would appreciate it if their systems suddenly started to contact
our puppet server :-).
Regards,
Rik
--
Rik Theys
System Engineer
KU Leuven - Dept. Elektrotechniek (ESAT)
Kasteelpark Arenberg 10 bus 2440 - B-3001 Leuven-Heverlee
+32(0)16/32.11.07
----------------------------------------------------------------
<<Any errors in spelling, tact or fact are transmission errors>>
More information about the Pkg-puppet-devel
mailing list