Re: [Nagios-devel] Need a way to prevent custom object variables
Posted: Fri Dec 29, 2006 6:25 pm
In message ,
Joerg Linge writes:
>Am Freitag, 29. Dezember 2006 18:36 schrieb [email protected]:
>> Hi all:
>[...]
>> It also mentions that custom object vars are available as
>> environmental variables. Is there a way to turn that off? I.E. if the
>> variable was a password you don't want that being passed in the
>> environment where it is viewable by everybody.
>
>The ENV Vars are only available for new processes forked by the Nagios Daemon.
>So the vars are not available for everybody.
Using ps I can dump the environment of any/all processes by default
under linux (ps -auxew for example), so unless you are running a
security enhanced linux that restricts that, any user on the system
can see the environment including passwords.
-- rouilj
John Rouillard
===========================================================================
My employers don't acknowledge my existence much less my opinions.
This post was automatically imported from historical nagios-devel mailing list archives
Original poster: [email protected], "John Rouillard"@cs.umb.ed