Re: [Nagios-devel] nrpe, arguments and security
Nagios network monitoring software is enterprise server monitoring
Brought to you by:
egalstad,
sawolf-nagios
From: <pe...@ce...> - 2004-11-30 15:50:33
|
On Tue, 30 Nov 2004, Andreas Ericsson wrote: > > +#define ALLOWED_ARGUMENT_CHARS " !abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789" > > > > ! is not currently in the safe-by-default list, as it is treated > different depending on where your /bin/sh points to. ,.% are, though. But ! will never reach the shell, since it's just the internal argument separator. >I've already implemented whitelist argument chars in current NRPE (which >isn't publicly available, since I haven't gotten the PK authentication >to work properly). Thanks for participating though. It would be great if this issue could be resolved as soon as possible. Is it possible that you can add your "whitelist" implementation separated from the PK stuff? -- Peter Åstrand Chief Developer Cendio www.thinlinc.com Teknikringen 3 www.cendio.se 583 30 Linköping Phone: +46-13-21 46 00 |