Closed clems4ever closed 4 years ago
There is an issue in the tests with the following error message
Chef Development Kit cannot execute without accepting the license
Exited with code 172
Can someone help me fix that?
Hello @scalp42 , can you please give me your insight on that patch? I'd also need some help to fix the CI. I fixed the tests for my PR, but CI is still failing and the cause is unlikely related to my patch now. Can you please help?
Description
With the current default mode for the definitions, any user on the machine running the consul client can read the service definition holding the ACL token. If an attacker gets into the server as a non consul user, he could easily steal tokens of all registered services.
Issues Resolved
ACL token leak in case of an attack on a server.
Check List