Forum: CFEngine Help Subject: Re: Thoughts of encrypting the entire Cfengine workspace? Author: mikesphar Link to topic: https://cfengine.com/forum/read.php?3,25714,25754#msg-25754
msvob...@linkedin.com Wrote: > Ok, lets forget the shared key stored in > cf-exced's anonymous memory segment for a bit... > What if cf-agent pulled an encrypted bundle from > cf-serverd, and then cf-serverd provided a > one-time / one-use key to decrypt that bundle? > That way, the decryption mechnasium doesn't live > on the client. It lives on your master policy > server. The hacker would have to break into the > master policy server for the ability to decrypt > the payload. No, not at all, because no matter what you do, the local cf-agent has to decrypt the policy, and that means it's vulnerable to a person with root access. Even if cf-agent only gets the policy, decrypts it, applies it, and deletes it 30 milliseconds later, the hacker with root privileges can capture that data from memory. If the client can know it at all, then someone with root access on the client can know it. The *only* way to prevent someone on a client who has the ability to modify the system itself from knowing something is to never send it to the client. _______________________________________________ Help-cfengine mailing list Help-cfengine@cfengine.org https://cfengine.org/mailman/listinfo/help-cfengine
