Forum: CFEngine Help
Subject: Re: Thoughts of encrypting the entire Cfengine workspace?
Author: mikesphar
Link to topic: https://cfengine.com/forum/read.php?3,25714,25722#msg-25722

msvob...@linkedin.com Wrote:
> What if cf-agent contacted cf-serverd and obtained
> a shared key to decrypt, then communicated that
> key into cf-execd which was a long running
> daemon.. The next time cf-agent runs, it either
> gets an updated shared key from cf-serverd and
> updates cf-execd, or, if the network is down, it
> pulls the shared key that exists in-memory via
> cf-execd.

Doesn't that mean the key is available in memory on the theoretically compromised system? And are we talking about decrypting and re-encrypting the policy files each time with a new key?

I really do think this is the same problem DRM faces. We're trying to come up with a way to allow a device to *automatically* perform instructions with no human intervention that someone with the power to modify that device cannot somehow intercept.

I hate to say it but it almost sounds like puppet is better designed for this model of "don't tell the client anything that it does not need to know", which (if my understanding is correct) puppet achieves by performing a lot more work on the server side to compile a policy that only applies to each client that connects to it. (I have only the barest dabblings with puppet, however.)

Frankly if one is that concerned with security, it makes more sense to not send sensitive data to a client at all if the client doesn't need to know it.