Thanks everyone participated for interesting discussion!
Yes, securing client-server communication may be a problem. I see just 2 quite simple things, that will eliminate most of issues a) limit list of acceptable connections by IP at OS level (or may be XyMon may do this too?!) b) use ssh tunnels between client and Server - it was already described in XyMon manuals or Wiki
All other cases when someone will try to send report "on behalf of" real client - are more complicated and require some networking skills and special reasons.
My concern regarding read and execute permission to everyone on client host - was just prevent other then xymon users to try and play with xymon tools. If anyone see it can execute anything - it can try to do something just for interest, for example to send "drop .." request", just to test System security and sysadmin ability to track exceptions.
I think this can be easy fixed, for example with 1 find execution after installation done: find client/ -exec chmod o-rwx {} \; or just: find client/bin -exec chmod o-rwx {} \; # if someone see others should see some output generated.
Best regards,
Andrey Chervonets
CoMinder SIA. http://www.cominder.eu/ Mobile: +371 26517848 Fax: +371 66066346