lists| wrote:
> Thanks for pointing this discrepancy out. Custom macros should be
> cleaned IMO, so I opted to update the docs instead.
During the weekend I haven't been able to understand the rationale=20
behind this. Could you help me understand it?
Looking at the other macros subjected to macro cleansing[1]
1. $HOSTOUTPUT$
2. $LONGHOSTOUTPUT$
3. $HOSTPERFDATA$
4. $HOSTACKAUTHOR$
5. $HOSTACKCOMMENT$
6. $SERVICEOUTPUT$
7. $LONGSERVICEOUTPUT$
8. $SERVICEPERFDATA$
9. $SERVICEACKAUTHOR$
10. $SERVICEACKCOMMENT$
it looks to me as if the values of these all originate from outside the=20
config files. Then cleansing makes sense: "We don't really know/trust=20
the source of these values, so lets make sure they are safe".
But the values of Custom Object Variables come from the config files, so=20
why aren't they to be trusted? I don't (yet) see the conceptual=20
difference between allowing special/illegal characters in Custom Object=20
Variables and allowing them in $ARGn$ definitions. If we don't trust the=20
author of the config files, shouldn't we cleanse $ARGn$ definitions in=20
"check_command"s too then? Why one and not the other?
Peter
--=20
Peter Valdemar M=C3=B8rch
http://www.morch.com
This post was automatically imported from historical nagios-devel mailing list archives
Original poster: ?UTF-8?B?IlBldGVyIFZhbGRlbWFyIE3DuHJjaCAoTGlzdHMpIg==?