Re: [Nagios-devel] Security issues with nagios config file permissions

Support forum for Nagios Core, Nagios Plugins, NCPA, NRPE, NSCA, NDOUtils and more. Engage with the community of users including those using the open source solutions.

Re: [Nagios-devel] Security issues with nagios config file permissions

Post by Guest »

Wouldn't this be better handled by simply storing the community
string and other sensitive stuff in the resource.cfg file? The
permissions can be more restrictive on that file, as the CGIs don't
attempt to read it (default is 660).

On 8 Jul 2002 at 15:24, Mike McHenry wrote:

> Is there any way we can tighten the file permissions on the
> configuration files? Certain plugins require you to list things like
> SNMP community strings which are somewhat sensitive. Personally, I
> set my /etc/nagios permissions as follows=A6
> /etc/nagios nagios:apache 0750
> /etc/nagios/* nagios:apache 0640
> I believe the default permissions are 0755 root:root and 0644
> root:root
> Mike McHenry

Ethan Galstad,
Nagios Developer

This post was automatically imported from historical nagios-devel mailing list archives
Original poster: