Re: [Nagios-devel] Problem with ping-check?
Posted: Mon Oct 15, 2007 4:34 am
Matthias Eble wrote:
>> I've moved from check_ping to check_icmp.
>> If check_ping can produce unnecessary alerts then why not simply symlink
>> check_ping to check_icmp or remove it?
>
> because check_icmp needs root privileges (setuid root). check_ping can
> be run without uid 0 because ping already has setuid root.
> check_icmp can only be installed with root privileges.
>
Well, it's bugs in /bin/ping or bugs in check_icmp. Both of them drop
root privs immediately after having obtained the raw socket, so the attack
vector is severely limited.
--
Andreas Ericsson [email protected]
OP5 AB www.op5.se
Tel: +46 8-230225 Fax: +46 8-230231
This post was automatically imported from historical nagios-devel mailing list archives
Original poster: [email protected]
>> I've moved from check_ping to check_icmp.
>> If check_ping can produce unnecessary alerts then why not simply symlink
>> check_ping to check_icmp or remove it?
>
> because check_icmp needs root privileges (setuid root). check_ping can
> be run without uid 0 because ping already has setuid root.
> check_icmp can only be installed with root privileges.
>
Well, it's bugs in /bin/ping or bugs in check_icmp. Both of them drop
root privs immediately after having obtained the raw socket, so the attack
vector is severely limited.
--
Andreas Ericsson [email protected]
OP5 AB www.op5.se
Tel: +46 8-230225 Fax: +46 8-230231
This post was automatically imported from historical nagios-devel mailing list archives
Original poster: [email protected]