NRPE - command arguments, security?
chiel
chiel at gmx.net
Tue Apr 10 16:01:00 CEST 2007
Hi all,
I have just implemented some NRPE servers and I want to allow "command arguments" with nrpe.
In the security readme form nrpe I see that this is a security issue and you must set "dont_blame_nrpe" (only the argument name already...).
The only thing is that I don't see any reason in the docs why this is so dangerous. Can somebody please explain?
chiel
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://www.monitoring-lists.org/archive/users/attachments/20070410/885a00ff/attachment.html>
-------------- next part --------------
-------------------------------------------------------------------------
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the chance to share your
opinions on IT & business topics through brief surveys-and earn cash
http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV
-------------- next part --------------
_______________________________________________
Nagios-users mailing list
Nagios-users at lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting any issue.
::: Messages without supporting info will risk being sent to /dev/null
More information about the Users
mailing list