On Mon, 14 Mar 2011 19:16:48 +0100 (CET) neilhwatson wrote: n> Are you proposing that the agent with root privilege should fetch n> files from the server running as non-root? I'm having trouble n> visualizing your architecture. I appreciate the effort run at least n> privilege but, are there any clear risks that justify this extra n> effort?
This is a very common requirement and one of the reasons we don't run cf-serverd here. If a process has no need to run as root, it shouldn't. Ted _______________________________________________ Help-cfengine mailing list Help-cfengine@cfengine.org https://cfengine.org/mailman/listinfo/help-cfengine
