[grnog] Saltstack Security Issues

[Antonis Chariton (daknob)]

Καλησπέρα,

για όποιον ίσως δεν το είδε: 
https://docs.saltstack.com/en/latest/topics/releases/3000.2.html

    This allows a remote user to access some methods without
    authentication. These methods can be used to retrieve user tokens
    from the salt master and/or run arbitrary commands on salt minions.

    These methods allow arbitrary directory access to authenticated users.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://nogalliance.org/pipermail/grnog-members/attachments/20200503/1012aeb3/attachment.htm>