[Nagiosplug-devel] Security discussion - don't run as root plugins
stephane.urbanovski at ac-nancy-metz.fr
Mon Jul 21 12:15:47 CEST 2008
Andreas Ericsson a écrit :
> Thomas Guyot-Sionnest wrote:
>> One more though about it... I talked about a switch so far, but I think
>> it could be a better idea to make it an environment variable, so we
>> could drop root even before parsing arguments. Bugs in argument
>> processing could become a security issue if untrusted users has the
>> possibility to specify/alter arguments. While I'm aware there are many
>> other security implication regarding this, it's not a reason not to do
>> our best on the part we control.
> The user controls the environment as well, so the net gain is zero.
I think that this protection is a good idea, but we must have a way to disable it or to turn it into a simple warning message.
I like the environnement variable solution.
More information about the Devel