[Nagios-devel] NRPE Patch to allow NASTY_METACHARS to be defined in

Support forum for Nagios Core, Nagios Plugins, NCPA, NRPE, NSCA, NDOUtils and more. Engage with the community of users including those using the open source solutions.
Locked
Guest

[Nagios-devel] NRPE Patch to allow NASTY_METACHARS to be defined in

Post by Guest »


--Apple-Mail-4--947465363
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain;
charset=us-ascii

Hi All,

I'm working on a project where we are passing command arguments through =
to NRPE and want to be able to execute (things like) check_disk on =
storage volumes that contain spaces (i.e. /Volumes/Macintosh HD). When =
passing to the volume we need to escape spaces and the current build of =
NRPE doesn't allow this because of the internally hard coded =
NASTY_METACHARS variable we are not able over ride on a per-instance =
NRPE installation. I realise that allowing some types of characters =
through to NRPE causes "potential" security concerns but NRPE over SSL, =
firewalled off and running as a non-priviledged user "should" be =
sufficient, how ever I think its wisest to let the users decide what the =
feel is acceptable.

The attached patch for NRPE version 2.12 allows you to specify the =
variable illegal_metachars in your nrpe.cfg (or included configuration =
file), if you don't specify illegal_metachars it will default to that of =
the previously used NASTY_METACHARS variable.=20

I have attempted to use the same conventions when applying the changes =
to the source code and generating the patch.

Hopefully this is of value and gets included in future NRPE builds.

Any questions please let me know.


--Apple-Mail-4--947465363
Content-Disposition: attachment;
filename=nrpe-illegal-chars.patch
Content-Type: application/octet-stream;
name="nrpe-illegal-chars.patch"
Content-Transfer-Encoding: 7bit

--- nrpe-2.12/src/nrpe.c.orig 2011-03-07 00:08:59.000000000 +0000
+++ nrpe-2.12/src/nrpe.c 2011-03-07 00:09:03.000000000 +0000
@@ -42,7 +42,6 @@

#define DEFAULT_COMMAND_TIMEOUT 60 /* default timeout for execution of plugins */
#define MAXFD 64
-#define NASTY_METACHARS "|`&><'\"[]{};"
+
+

# INCLUDE CONFIG FILE
# This directive allows you to include definitions from an external config file.

--Apple-Mail-4--947465363
Content-Transfer-Encoding: 7bit
Content-Type: text/plain;
charset=us-ascii



--
Thanks,

Tim Philips
RND GROUP LIMITED


--Apple-Mail-4--947465363--





This post was automatically imported from historical nagios-devel mailing list archives
Original poster: [email protected]
Top
Locked

Return to “Open Source Nagios Projects”