check_ssh and check_ping not working with NRPE on remote host

[Greg Pangrazio]

The security risks are that there is a potential for remote command
execution on the system.  This is exactly the section I was refering
to.


Greg Pangrazio
pangrazi at gmail.com





On Tue, Dec 8, 2009 at 11:41 AM, ReynierPM <rperezm at uci.cu> wrote:
> Greg Pangrazio wrote:
>>
>> I use commands similar to what you are doing, did you enable command
>> processing from remote submissions?
>
> What you mean with "command processing remote submissions"? I can't
> understand this part.
>
>> In the windows version it says something about "don't blame me"
>
> I don't know what you mean with "windows version" but I found this line:
>
> # COMMAND ARGUMENT PROCESSING
> # This option determines whether or not the NRPE daemon will allow clients
> # to specify arguments to commands that are executed.  This option only
> works
> # if the daemon was configured with the --enable-command-args configure
> script
> # option.
> #
> # *** ENABLING THIS OPTION IS A SECURITY RISK! ***
> # Read the SECURITY file for information on some of the security
> implications
> # of enabling this variable.
> #
> # Values: 0=do not allow arguments, 1=allow command arguments
>
> dont_blame_nrpe=0
>
> So if I enable thi, which are the main security risks?
> --
> Cheers
> ReynierPM
>

------------------------------------------------------------------------------
Return on Information:
Google Enterprise Search pays you back
Get the facts.
http://p.sf.net/sfu/google-dev2dev
_______________________________________________
Nagios-users mailing list
Nagios-users at lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. 
::: Messages without supporting info will risk being sent to /dev/null