subject:"Cfengine Help\: Re\: Cfengine Help\: Re\: Running cf\-serverd as non\-root"

Cfengine Help: Re: Cfengine Help: Re: Running cf-serverd as non-root

2011-03-16 Thread no-reply

Forum: Cfengine Help Subject: Re: Cfengine Help: Re: Running cf-serverd as non-root Author: berntjernberg Link to topic: https://cfengine.com/forum/read.php?3,21152,21165#msg-21165 Hi, One can start cf-serverd as non-root with strict permissions on user's home directory and .cfagent. # ls -ld

Cfengine Help: Re: Cfengine Help: Re: Running cf-serverd as non-root

2011-03-16 Thread no-reply

Forum: Cfengine Help Subject: Re: Cfengine Help: Re: Running cf-serverd as non-root Author: berntjernberg Link to topic: https://cfengine.com/forum/read.php?3,21152,21164#msg-21164 Hi, Thanks for the response, I think this is an important discussion. > Having said that, let's consider least priv

Re: Cfengine Help: Re: Cfengine Help: Re: Running cf-serverd as non-root

2011-03-15 Thread Christopher Browne

On Tue, Mar 15, 2011 at 1:59 PM, Mike Hoskins wrote: > Having said that, let's consider least privilege for a minute. If your > cfengine hosts are locked down in accordance with best practices, they > will not be hosting other services (and likely in a DMZ). If someone > compromises cfservd, the

Re: Cfengine Help: Re: Cfengine Help: Re: Running cf-serverd as non-root

2011-03-15 Thread Mike Hoskins

On 3/15/11 7:32 AM, no-re...@cfengine.com wrote: > Forum: Cfengine Help > Subject: Re: Cfengine Help: Re: Running cf-serverd as non-root > Author: berntjernberg > Link to topic: https://cfengine.com/forum/read.php?3,21152,21155#msg-21155 > > Hi, > >> So it depends on your policy I guess, but you sh

Cfengine Help: Re: Cfengine Help: Re: Running cf-serverd as non-root

2011-03-15 Thread no-reply

Forum: Cfengine Help Subject: Re: Cfengine Help: Re: Running cf-serverd as non-root Author: berntjernberg Link to topic: https://cfengine.com/forum/read.php?3,21152,21157#msg-21157 Hi, I have created a normal user that I run cf-serverd as. I make a copy of the binaries to ~cfengine/.cfagent/bin

Cfengine Help: Re: Cfengine Help: Re: Running cf-serverd as non-root

2011-03-15 Thread no-reply

Forum: Cfengine Help Subject: Re: Cfengine Help: Re: Running cf-serverd as non-root Author: eystein Link to topic: https://cfengine.com/forum/read.php?3,21152,21156#msg-21156 Perhaps I was a bit unclear, but there is nothing that limits you from running any component as the user you wish. Cfengin

Cfengine Help: Re: Cfengine Help: Re: Running cf-serverd as non-root

2011-03-15 Thread no-reply

Forum: Cfengine Help Subject: Re: Cfengine Help: Re: Running cf-serverd as non-root Author: berntjernberg Link to topic: https://cfengine.com/forum/read.php?3,21152,21155#msg-21155 Hi, > So it depends on your policy I guess, but you should expect to spend > more time if you decide to run cf-serve

Cfengine Help: Re: Cfengine Help: Re: Running cf-serverd as non-root

Cfengine Help: Re: Cfengine Help: Re: Running cf-serverd as non-root

Re: Cfengine Help: Re: Cfengine Help: Re: Running cf-serverd as non-root

Re: Cfengine Help: Re: Cfengine Help: Re: Running cf-serverd as non-root

Cfengine Help: Re: Cfengine Help: Re: Running cf-serverd as non-root

Cfengine Help: Re: Cfengine Help: Re: Running cf-serverd as non-root

Cfengine Help: Re: Cfengine Help: Re: Running cf-serverd as non-root

7 matches

Site Navigation

Mail list logo

Footer information