help-cfengine

Cfservd access through firewall - dangerous ?


From: Adrian Phillips
Subject: Cfservd access through firewall - dangerous ?
Date: 29 Apr 2002 11:08:38 +0200
User-agent: Gnus/5.09 (Gnus v5.9.0) Emacs/21.2

I'd been thinking about how machines external to our firewall could
have access to cfservd, and basically had resigned myself to skipping
copy and using scp or rsync to copy files to them.

Somebody posted that they open a hole/tunnel in the firewall to the
cfservd which I thought could be a reasonable idea. I had some
questions from my director though which aren't covered in the
"Security and cfengine" section in the tutorial perhaps because they
are more general software issues :-

- a DoS against cfservd seems to be relatively difficult to accomplish
  as it does so much checking

- is it theoretically possible to "modify" cfservd such that it
  overwrites configuration files such that somebody could damage all
  the servers under cfengine's administration ?

- even worse, would it be possible to get a shell prompt on the
  cfservd server ?

I must admit that I don't think the above is very likely as I feel
Mark has done such a good job writing a secure piece of software. I
suppose it comes down to how much you trust your software. We use exim
to receive email and it has a rather good security record, so I trust
it. The concern with cfservd is of course that somebody cracking this
will then have the ability to take over all machines that cfengine
administers.

I suppose one solution to this concern is to mirror the cfengine setup
to an external cfengine server.

Any comments would be much appreciated,

Sincerely,

Adrian Phillips

-- 
Your mouse has moved.
Windows NT must be restarted for the change to take effect.
Reboot now?  [OK]


