It could allow bogus reports to be sent to the Xymon server, maybe hiding something malicious.
Also, a lot of security scans will pick up on things that are world executable and not in one of the standard directories (like /usr/bin, /bin, etc.).
Thanks, Larry Barber
On Thu, Feb 28, 2013 at 9:37 PM, Jeremy Laidman <jlaidman at rebel-it.com.au> wrote:
What's wrong with non-xymon users executing these commands? What harm could it do?
On 1 March 2013 08:59, Andrey Chervonets <a.chervonets at cominder.eu> wrote:
upgraded XyMon (client) to 4.3.10 (the same was at least in 4.3.5) and noticed all files in bin have read and execute privileges for everyone:
ls -l client/bin/
total 1840
-rwxr-xr-x 1 xymon monitor 161079 Feb 28 21:08 clientupdate
-rwxr-xr-x 1 xymon monitor 200250 Feb 28 21:08 logfetch
-rwxr-xr-x 1 xymon monitor 151256 Feb 28 21:08 msgcache
-rwxr-xr-x 1 xymon monitor 153905 Feb 28 21:08 orcaxymon
-rwxr-xr-x 1 xymon monitor 156173 Feb 28 21:08 xymon
-rwxr-xr-x 1 xymon monitor 133445 Feb 28 21:08 xymoncfg
....
I suppose it depends on the umask setting during installation, but I would be happier if the installation process set up a more secure configuration regardless of default settings. At least: -rwxr-x---
Xymon mailing list Xymon at xymon.com http://lists.xymon.com/mailman/listinfo/xymon
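An added example, not part of the original thread: a shell check for the condition discussed above. It lists files under a Xymon client bin directory that grant any permission to "other" and, with --fix, strips those bits so that -rwxr-xr-x becomes the -rwxr-x--- suggested in the thread. The function names and the directory argument are assumptions.

```shell
#!/bin/sh
# Added example: audit a Xymon client bin directory for files that grant
# any access to "other" and optionally tighten them to owner+group only.
# Function names and the DIR argument are assumptions, not Xymon tooling.

# list_world_accessible DIR
# Print regular files under DIR with any of the o+r, o+w or o+x bits set.
list_world_accessible() {
    find "$1" -type f \( -perm -004 -o -perm -002 -o -perm -001 \) -print
}

# count_world_accessible DIR
# Number of such files (assumes file names contain no newlines).
count_world_accessible() {
    list_world_accessible "$1" | wc -l | tr -d ' '
}

# tighten_world_accessible DIR
# Remove all "other" bits from the files found above; owner and group bits
# are left untouched, so 0755 becomes 0750.
tighten_world_accessible() {
    find "$1" -type f \( -perm -004 -o -perm -002 -o -perm -001 \) \
        -exec chmod o-rwx {} +
}

# Usage: sh audit.sh [--fix] DIR
# With no arguments the script only defines the functions.
if [ "$#" -gt 0 ]; then
    fix=no
    if [ "$1" = "--fix" ]; then
        fix=yes
        shift
    fi
    dir=${1:?usage: audit.sh [--fix] DIR}
    if [ "$fix" = yes ]; then
        tighten_world_accessible "$dir"
    fi
    # Report whatever is still accessible to "other"
    list_world_accessible "$dir"
fi
```

After tightening, the user running the client must own the files or belong to their group (xymon and monitor in the listing above) to keep executing them.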