Security in the cgi
Ton Voon
ton.voon at altinity.com
Thu Mar 9 23:23:20 CET 2006
On 9 Mar 2006, at 15:44, Jim Perrin wrote:
> On 3/9/06, Rafael Bandeira da Costa <rafaelc at vegait.com.br> wrote:
>> Alan Maxwell escreveu:
>>
>> Is it possible to setup the security to allow a login to be able
>> acknowledge
>> alerts but not be able to disable services and hosts?
>> Using nagios 2.0
>>
>>
>
> There is a patch at
> http://altinity.blogs.com/dotorg/patches/issue_commands_1.patch that
> allows users to view items, but not issue any changes. It seems to
> work rather well. Hopefully it or something like it will make it in
> the next 2.x update. It looks much nicer than the .htaccess denial
> from a user perspective. See the 26 Feb article here
> http://altinity.blogs.com/dotorg/nagios/index.html
Jim, glad you like the patch. Ethan has committed it into Nagios 3.x,
but has not chosen to put it into the 2.x branch. Make sure you let
Ethan know if it should be in - if there's a lot of users, then I'm
sure he'll reconsider.
I'll try and make sure it always applies cleanly to 2.x.
However, Alan's request won't work with this patch. He wants a user
to be able to acknowledge an alert (which would involve submitting a
command) but not disable services/hosts (which is submitting a
different command). The patch only says whether a user can submit or
not. There's no granularity in the types of commands in Nagios yet.
Ton
http://www.altinity.com
T: +44 (0)870 787 9243
F: +44 (0)845 280 1725
Skype: tonvoon
-------------------------------------------------------
This SF.Net email is sponsored by xPML, a groundbreaking scripting language
that extends applications into web and mobile media. Attend the live webcast
and join the prime developer group breaking into this new coding territory!
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=110944&bid=241720&dat=121642
_______________________________________________
Nagios-users mailing list
Nagios-users at lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting any issue.
::: Messages without supporting info will risk being sent to /dev/null
More information about the Users
mailing list