[hobbit] Re: [hobbit-announce] Hobbit monitor: Security issue with Hobbit 4.2-beta client
Charles Jones
jonescr at cisco.com
Fri Jun 30 23:33:01 CEST 2006
Asif Iqbal wrote:
>For our systems we make sure if a log file needs to be monitored,
>it is at least readable by a group in which `hobbit' user belongs to.
>
>
Same here, and in some installations, root access just plain isn't
available.
>>Running logfetch as suid-root will most likely be removed in the final
>>Hobbit 4.2 release of the client.
>>
>>
>
>I like that
>
>
Agreed. Everything (except hobbitping?) should be non-suid by default,
and even if hobbitping remains suid, "make install" should not get a
critical error if it cannot perform the chown and chmod of it. Perhaps
there could be a blurb in the docs to remind folks to make sure that
monitored logfiles need to be readable by the hobbit user or group, and
leave SUID-ing logfetch up to the user, at their own risk.