Bug 682206 - [RFE] Kickstart Protection
Summary: [RFE] Kickstart Protection
Keywords:
Status: CLOSED INSUFFICIENT_DATA
Alias: None
Product: Spacewalk
Classification: Community
Component: Server
Version: 1.4
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: ---
Assignee: Jan Pazdziora
QA Contact: Red Hat Satellite QA List
URL:
Whiteboard:
Depends On:
Blocks: spacewalk-rfe
TreeView+ depends on / blocked
 
Reported: 2011-03-04 12:53 UTC by Frederic Hornain
Modified: 2011-09-16 10:11 UTC (History)
2 users (show)

Fixed In Version:
Doc Type: Enhancement
Doc Text:
Clone Of:
Environment:
Last Closed: 2011-09-16 10:11:07 UTC
Embargoed:

Attachments (Terms of Use)

Description Frederic Hornain 2011-03-04 12:53:08 UTC 
Description of problem:
When I create Kickstarts, there are readable via http from everyone who have access to the Red Hat Satellite/Spacewalk Server. So in consequence, e.g. the root hash password is available for everyone, the base configuration as well.
OK, as soon as the installation is done I should change the root password but image that I forget.
 
AFAIK, there is not protection for that yet.
If there is then sorry for that.

OK, we could setup some security rules via iptables or maybe tcp wrapper but I should have to do modification in the configuration files inside the server.
Well, I am not convinced it will be the best way.
 
So if that demand could be considered for the next release of RHNS, it would be great.

BR
Frederic ;)
Comment 1 Jan Pazdziora 2011-03-04 16:03:02 UTC 
Can you clarify the proposed behaviour? How exactly do you plan to be able to kickstart any machine in your network and at the same time restrict access to the kickstart files?
Comment 2 Jan Pazdziora 2011-07-20 11:50:37 UTC 
Aligning under space16.
Comment 3 Jan Pazdziora 2011-09-16 10:11:07 UTC 
We don't have a clear requirement/specification -- closing now.
Note You need to log in before you can comment on or make changes to this bug.