BUG: GetMetaConfiguration should validate property values against allowed values of MSFT_DSCMetaConfiguration CIM Properties
Once a node meta configuration is enacted, it is easy for an administrator or process (with malicious intent) to modify the MetaConfig.mof file in the C:\Windows\System32\Configuration directory. The GetMetaConfiguration method in the MSFT_DscMetaConfiguration class does not validate the property values against the allowed values of the CIM properties.
Steps to reproduce this behavior:
- Enact a simple meta configuration and enact it.
- Open the MetaConfig.MOF file in your favorite editor and change the value of ConfigurationMode to some random text.
- Save the file and close it.
- Run Get-DscLocalConfigurationManager.
- You will see the random value assigned to ConfigurationMode in the output although it is not a valid value for the ConfigurationMode property.
You can see this in action at https://pbs.twimg.com/media/DFervKvUIAA-7Na.jpg:large
We have validated this issue and created two bugs for it.
1. We will validate the MOF when it is passed in as part of our API (i.e. Set-DscLocalConfigurationManager) and error if the values are not valid.
2. We will write a warning when Get-DscLocalConfigurationManager reads a MOF that has invalid values and at LCM startup. The resultant behavior will behave like it does today where invalid values will be read as the default value by the LCM.
Please let us know if this meets your expectations.
Ravikanth Chaganti commented
Mark, this is great! Thanks for the quick response on this. What you outlined sounds like a good plan.
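One way to run the check this report asks for from the outside, as an added example that is not part of the original thread and is not Microsoft's code: it compares what Get-DscLocalConfigurationManager returns with the allowed values declared on the MSFT_DSCMetaConfiguration CIM class. It assumes the class exposes those allowed values through ValueMap qualifiers; the variable names are illustrative.

```powershell
# Added example (not from the original thread): flag LCM settings whose values
# fall outside the ValueMap declared on the MSFT_DSCMetaConfiguration class.
$namespace = 'root/Microsoft/Windows/DesiredStateConfiguration'
$class = Get-CimClass -Namespace $namespace -ClassName 'MSFT_DSCMetaConfiguration'
$lcm   = Get-DscLocalConfigurationManager

$findings = foreach ($prop in $class.CimClassProperties) {
    # Assumption: enumerated properties carry a ValueMap qualifier.
    $valueMap = $prop.Qualifiers['ValueMap']
    if ($null -eq $valueMap) { continue }

    $instanceProp = $lcm.CimInstanceProperties[$prop.Name]
    if ($null -eq $instanceProp -or $null -eq $instanceProp.Value) { continue }

    # Wrap in @() so scalar and array-valued properties are handled alike.
    foreach ($value in @($instanceProp.Value)) {
        if ($valueMap.Value -notcontains [string]$value) {
            [pscustomobject]@{
                Property = $prop.Name
                Value    = $value
                Allowed  = $valueMap.Value -join ', '
            }
        }
    }
}

if ($findings) {
    foreach ($f in $findings) {
        Write-Warning ("{0} = '{1}' is not one of: {2}" -f $f.Property, $f.Value, $f.Allowed)
    }
    exit 1
}
Write-Output 'All enumerated LCM settings are within their declared ValueMap.'
```

Run it from an elevated session; the non-zero exit code lets a scheduled task or monitoring agent alert when MetaConfig.mof has been edited to hold a value outside the schema.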