Project

General

Profile

Actions

Feature #32687

closed

Make the importing mechanism secure

Added by Lukas Zapletal almost 3 years ago. Updated almost 3 years ago.

Status:
Rejected
Priority:
Normal
Assignee:
-
Category:
-
Target version:
-
Difficulty:
Triaged:
Yes
Fixed in Releases:
Found in Releases:

Description

The current design relies on trusted_hosts feature, clients use HTTPS API and Foreman checks their hostname/client CN.

For smart_proxy_host_reports, similar approach can be taken - list of allowed CN names, since callback would be typically running on the same host, the configuration can be set to only trust to the same hostname.


Related issues 1 (1 open0 closed)

Related to Foreman - Tracker #31142: New report model and import/view mechanismNewLukas Zapletal

Actions
Actions #1

Updated by Lukas Zapletal almost 3 years ago

  • Related to Tracker #31142: New report model and import/view mechanism added
Actions #2

Updated by Lukas Zapletal almost 3 years ago

  • Status changed from New to Rejected
Actions

Also available in: Atom PDF