[Nagios-devel] Security issues with nagios config file

Support forum for Nagios Core, Nagios Plugins, NCPA, NRPE, NSCA, NDOUtils and more. Engage with the community of users including those using the open source solutions.
Locked
Guest

[Nagios-devel] Security issues with nagios config file

Post by Guest »

0755 and 0644 are system defaults for most systems. I have my config
files set to 0600 and they still work.
i would bet even 0400 would work. this would lock them even further and
still run correctly. as long as the owner of the file is the name you
use run the daemon i dont think its an issue. remember though if your
changing directory permisions you need Execute authority to view the
files in the directory below so a directory could look like this 0500
now only the owner and root can view files in that directory and only
root can write(create new files).
hope this helps





Message: 2
Date: Mon, 8 Jul 2002 15:24:13 -0500
From: "Mike McHenry"
To:
Subject: [Nagios-devel] Security issues with nagios config file
permissions

This is a multi-part message in MIME format.

------_=_NextPart_001_01C226BD.6C805FC8
Content-Type: text/plain;
charset="us-ascii"
Content-Transfer-Encoding: quoted-printable

Is there any way we can tighten the file permissions on the
configuration files? Certain plugins require you to list things like
SNMP community strings which are somewhat sensitive. Personally, I set
my /etc/nagios permissions as follows...







This post was automatically imported from historical nagios-devel mailing list archives
Original poster: mmchenry@origix.net
Locked