[Nagiosplug-devel] Antwort: Security discussion - don't run as root plugins
Matthias Eble
PsychoTrahe at gmx.de
Wed Jul 23 21:46:05 CEST 2008
Hi all,
On Mon, 2008-07-21 at 11:05 +0200, Andreas Ericsson wrote:
> To prevent user-errors while debugging, I could imagine doing something
> like this (obviously with a more informative message):
>
> end_of_real_output:
> if (!geteuid() && isatty(fileno(stdout))
> printf(stderr, "Don't debug plugins as root.\n");
this is exactly what I wanted to propose while reading this thread.
Dropping privileges to which id ever determined by an argument, env-var
or whatever isn't worth the effort if you ask me. Under normal
circumstances the plugins (except the plugins-root/ ones) are run with
an unprivileged uid. If not, one has to assume the user knows what
he/she is doing. Thus no one should be hindered to do so, as this might
be necessary or sensible in some cases.
I definitely hate the problem reports made by uid-0-testers. So
attaching a note to stderr is a good way to inform interactive users
that they might do something wrong.
I could also image adding such a text to the last line of plugin stdout.
With that, the warning is also shown in the UI (v3) or silently ignored
(v2). A configure option could also be added to prevent writing the
warning to stdout.
Matthias
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
URL: <http://nagios-plugins.org/archive/devel/attachments/20080723/3c3a9c49/attachment.sig>
More information about the Devel
mailing list