NRPE - command arguments, security?

chiel chiel at gmx.net
Tue Apr 10 16:01:00 CEST 2007

Previous message: NRPE - command arguments, security?
Next message: Undetermined times in availability reports
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi all,

I have just implemented some NRPE servers and I want to allow "command arguments" with nrpe.
In the security readme form nrpe I see that this is a security issue and you must set "dont_blame_nrpe" (only the argument name already...).

The only thing is that I don't see any reason in the docs why this is so dangerous. Can somebody please explain?

chiel


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://www.monitoring-lists.org/archive/users/attachments/20070410/885a00ff/attachment.html>
-------------- next part --------------
-------------------------------------------------------------------------
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the chance to share your
opinions on IT & business topics through brief surveys-and earn cash
http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV
-------------- next part --------------
_______________________________________________
Nagios-users mailing list
Nagios-users at lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. 
::: Messages without supporting info will risk being sent to /dev/null

Previous message: NRPE - command arguments, security?
Next message: Undetermined times in availability reports
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Users mailing list