Nagios Support Forum

Support for Nagios products and services
https://support.nagios.com/forum/

Ability to escalate to root privileges

https://support.nagios.com/forum/viewtopic.php?t=48705

Page 1 of 1

Ability to escalate to root privileges

Posted: Wed May 23, 2018 8:01 am
by dshearon
We recently had a security audit and pen test completed against our network and below is one of the findings for our Nagios server. I was hoping I could get some direction on securing the install without breaking any of the functionality. Below is a description of what the auditor found.



Description The nagios user on the internal Nagios server is allowed to execute numerous

scripts as root that it also has the ability to modify. This defeats the purpose of restricted

sudo permissions, because those scripts can be modified to contain arbitrary commands. For

example, we temporarily replaced one of the scripts with the following

contents, which granted unrestricted sudo access to the nagios user when the script was

executed via sudo:

#!/bin/bash

echo -e "nagios\tALL=(ALL) NOPASSWD:ALL" >> /etc/sudoers

Re: Ability to escalate to root privileges

Posted: Wed May 23, 2018 12:23 pm
by tmcdonald
The upcoming Nagios XI 5.5 directly addresses the root escalation issues in the sudo scripts we use.

Re: Ability to escalate to root privileges

Posted: Wed May 23, 2018 12:37 pm
by dshearon
My deadline to have a fix implemented is June 1st 2018. Any chance we will see the update released before then.

Re: Ability to escalate to root privileges

Posted: Wed May 23, 2018 1:12 pm
by tmcdonald
I do not have a fixed release date I can give you, unfortunately however I do not believe it will be released by June 1.
All times are UTC-05:00
Page 1 of 1

Powered by phpBB® Forum Software © phpBB Limited