From: Ethan G. <ega...@na...> - 2011-07-26 01:35:26
|
Patched - thanks! Ethan Galstad Sven Nierlein wrote: > Hi, > > One of our customers found a bug in the nagios cgis. It's easy to > reproduce: > > 1. create a new user > 2. give him authorized_for_all_services and authorized_for_all_hosts in > your cgi.cfg > > The contact should now be able to see all hosts and services but should > not be allowed to submit any commands. > However, if the contact submits hostgroup or servicegroup commands, they > are accepted and executed. > The attached patch fixes that behavior. > > Regards, > Sven > > > ------------------------------------------------------------------------ > > ------------------------------------------------------------------------------ > All the data continuously generated in your IT infrastructure contains a > definitive record of customers, application performance, security > threats, fraudulent activity and more. Splunk takes this data and makes > sense of it. Business sense. IT sense. Common sense.. > http://p.sf.net/sfu/splunk-d2d-c1 > > > ------------------------------------------------------------------------ > > _______________________________________________ > Nagios-devel mailing list > Nag...@li... > https://lists.sourceforge.net/lists/listinfo/nagios-devel |