Nagios Support Forum

Support for Nagios products and services
https://support.nagios.com/forum/

Proposed patch for status.c (3.5.0)

https://support.nagios.com/forum/viewtopic.php?t=24928

Page 1 of 1

Proposed patch for status.c (3.5.0)

Posted: Wed Jan 08, 2014 11:22 am
by jeffm
It seems that status.c doesn't check for permission to view a host when using "navbarsearch", this proposed patch fixes that problem:

Code: Select all

--- status.c.orig       2013-03-09 16:46:35.000000000 -0500
+++ status.c    2014-01-08 10:27:42.000000000 -0500
@@ -1537,6 +1537,10 @@
                /* find the host */
                temp_host = find_host(temp_service->host_name);
 
+               /* make sure user has rights to view this host */
+               if(is_authorized_for_host(temp_host, &current_authdata) == FALSE)
+                       continue;
+
                /* make sure user has rights to see this... */
                if(is_authorized_for_service(temp_service, &current_authdata) == FALSE)
                        continue;

Re: Proposed patch for status.c (3.5.0)

Posted: Wed Jan 08, 2014 11:38 am
by tmcdonald
Thanks for the submission! Have you created a bug report or shall I take care of this?

Re: Proposed patch for status.c (3.5.0)

Posted: Wed Jan 08, 2014 11:52 am
by jeffm
I haven't created a bug report. If you create it this time, I'll file one if there's a next time :)

Re: Proposed patch for status.c (3.5.0)

Posted: Wed Jan 08, 2014 12:08 pm
by tmcdonald
That sounds more than fair. Tracker link here: http://tracker.nagios.org/view.php?id=556

Going to close this up now. Thanks again!
All times are UTC-05:00
Page 1 of 1

Powered by phpBB® Forum Software © phpBB Limited