[Xymon] XyMon client binaries default security is bad

Andrey Chervonets a.chervonets at cominder.eu
Thu Feb 28 22:59:16 CET 2013


upgraded XyMon (clinet) to 4.3.10 (the same was at least in 4.3.5) and 
notices all files in bin can read and execute privileges to everyone:

ls -l client/bin/
total 1840
-rwxr-xr-x  1 xymon monitor 161079 Feb 28 21:08 clientupdate
-rwxr-xr-x  1 xymon monitor 200250 Feb 28 21:08 logfetch
-rwxr-xr-x  1 xymon monitor 151256 Feb 28 21:08 msgcache
-rwxr-xr-x  1 xymon monitor 153905 Feb 28 21:08 orcaxymon
-rwxr-xr-x  1 xymon monitor 156173 Feb 28 21:08 xymon
-rwxr-xr-x  1 xymon monitor 133445 Feb 28 21:08 xymoncfg
....

I suppose it depends on umask setting during installation, but I would 
be more happy if installation process setup more secured configuration 
regardless of default settings.
At least: -rwxr-x---


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.xymon.com/pipermail/xymon/attachments/20130228/43f5c16d/attachment.html>


More information about the Xymon mailing list