Hi, Maybe I'm missing something obvious because my question sounds very naive to me. Anyway, here I go:
Is it possible to prevent module developers from writing files in the master via custom Puppet functions[0]? At least in my environment[1] I can come up with several malicious things that users could end up doing. For instance, the modules directory that the master uses to generate the catalogs is writable by the same user that runs the Puppet daemon so every module developer could overwrite someone else's work. I'm running Puppet 2.7.18. [0] http://docs.puppetlabs.com/guides/custom_functions.html [1] Access to Puppet masters is restricted to a few but we have many "unrelated" people using them and writing their own manifests to configure their services. Thanks! N -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/-4AitY-Ntq8J. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
