On Nov 10, 2007, at 4:27 AM, Ian J Cottee wrote:
> Hello all
>
> I''ve been reading the security details at
>
> reductivelabs.com/trac/puppet/wiki
> FileServingConfiguration#Security
>
> Can I confirm that even with "allow *", it will still only be
clients
> who have had their certs signed by the puppet server who will be
> allowed
> access? Either way, it might be a good idea to clarify this in the
> documents.
The only connection clients can ever perform when they''re not
authenticated is to ask for a certificate; everything else is denied
all the time.
So, yes, allowing a client always means only allow that client if
it''s authenticated.
Will someone clarify this in the documentation?
--
I think that''s how Chicago got started. A bunch of people in New
York
said, ''Gee, I''m enjoying the crime and the poverty, but it
just isn''t
cold enough. Let''s go west.'' --Richard Jeni
---------------------------------------------------------------------
Luke Kanies | reductivelabs.com | madstop.com