Re: [Nagios-devel] Security issue
Posted: Sat Nov 08, 2008 3:38 pm
Ton Voon wrote:
>
> There's another component, which is the large change of the handling
> of commands in cmd.cgi. Andreas says "vulnerabilities [...] resulted
> in cmd.cgi potentially accepting commands from low-privileged users
> that those users should not have been able to submit". However, I
> don't quite understand why this is required yet. Any additional
> explanation here?
>
The huge rewrite was not, strictly speaking, necessary. I could have
done it by adding multiple snprintf()'s to the command_buffer and then
issued multiple calls to write_command_to_file(), but the number of
places where I'd have been forced to juggle return codes etc. quickly
grew unwieldy, so I decided to wrap it. Since I've been doing work on
replaceable external commands, I re-used that list to be able to pass
a numerical command-id to cmd_submitf() and thereby clean up the code
a bit as well as group a ton of case statements together.
> Great work from the community on this!
>
Agreed.
--
Andreas Ericsson [email protected]
OP5 AB www.op5.se
Tel: +46 8-230225 Fax: +46 8-230231
This post was automatically imported from historical nagios-devel mailing list archives
Original poster: [email protected]
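
A sketch of the wrapper approach the reply describes, added here as an example and not taken from the Nagios source: one variadic function looks up the command name by numeric id, formats a single command line, and funnels every failure through one return code. The command table, buffer size, OK/ERROR values, the function signature and the in-memory stand-in for write_command_to_file() are assumptions made for illustration.

```c
#include <stdarg.h>
#include <stdio.h>
#include <string.h>
#include <time.h>

#define CMD_MAX 256   /* assumed buffer size for this sketch */
#define OK 0
#define ERROR (-1)

/* Constructed command table: numeric id -> external command name. */
enum { CMD_ADD_HOST_COMMENT, CMD_DEL_HOST_COMMENT, CMD_COUNT };
static const char *cmd_names[CMD_COUNT] = { "ADD_HOST_COMMENT", "DEL_HOST_COMMENT" };

static char last_written[CMD_MAX];   /* in-memory sink so the sketch runs offline */

/* Stand-in for the real writer, which would append the line to the command file. */
static int write_command_to_file(const char *cmd)
{
    snprintf(last_written, sizeof(last_written), "%s", cmd);
    return OK;
}

/* Format and submit exactly one command; callers check a single return code. */
static int cmd_submitf(int id, const char *fmt, ...)
{
    char cmd[CMD_MAX];
    int len, len2;
    va_list ap;

    if (id < 0 || id >= CMD_COUNT)
        return ERROR;   /* unknown id: nothing is written */
    len = snprintf(cmd, sizeof(cmd), "[%lu] %s;", (unsigned long)time(NULL), cmd_names[id]);
    if (len < 0 || (size_t)len >= sizeof(cmd))
        return ERROR;
    va_start(ap, fmt);
    len2 = vsnprintf(cmd + len, sizeof(cmd) - (size_t)len, fmt, ap);
    va_end(ap);
    if (len2 < 0 || (size_t)len2 >= sizeof(cmd) - (size_t)len)
        return ERROR;   /* truncated: refuse rather than submit a partial command */
    return write_command_to_file(cmd);
}

int main(void)
{
    int rc = cmd_submitf(CMD_DEL_HOST_COMMENT, "%d", 42);
    printf("rc=%d line=%s\n", rc, last_written);
    return rc == OK ? 0 : 1;
}
```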