Dear Maintainer,
I know that you compiled without --enable-command-args and that you wrote in the NEWS.Debian file that you disabled it because there are security problems and because this feature is often used wrongly.
Some people need this feature to manage monitoring parameters centrally. Your nrpe.cfg disables this feature by default (dont_blame_nrpe=0), and the feature's comment shows everyone that enabling it could be a security problem.
In my opinion, disabling this feature by default should be enough. If someone needs this feature, he must compile his own version of the nrpe server. Maybe he needs to do it on hundreds of machines, and he has to do it again whenever the Debian package is updated. I don't think that compiling nrpe without this feature is a real security advantage, because if someone needs it, he will compile with this support instead of only enabling this feature.
I agree with you that this option could be a security risk, but it is possible to reduce the risk by setting allowed_hosts to restrict who is able to communicate with nrpe.
It would be nice if you would compile with --enable-command-args again. It would give more flexibility in how to use nrpe, and all people who use command args wouldn't need to manage their own version of this package.
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=756479