help-cfengine
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Bootstrapping


From: Mark . Burgess
Subject: Re: Bootstrapping
Date: Wed, 18 Feb 2004 22:02:25 +0100 (MET)

> I don't really trust cfengine's trust models anyway and probably wouldn't
> use them even if I had a cfservd outside my firewall. I'd use
> router ACLs upstream of the cfservd host and iptables on the box itself
> to only permit known-good IPs.

NOw this is asking for a flame. Why do people say things
like this? What trust model would you trust?
If you don't trust the cfengine trust model then
you do not trust the secure shell trust model either, because
it is the same only less strict. The cfengine trust model is really
quite strict compared to many. Is this just a thoughtless
comment or do you have an actual criticism to make of it?

Mark

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Work: +47 22453272            Email:  address@hidden
Fax : +47 22453205            WWW  :  http://www.iu.hio.no/~mark
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~





reply via email to

[Prev in Thread] Current Thread [Next in Thread]