Branch: refs/heads/2.3.0
Home:
https://github.com/Checkmk/checkmk
Commit: 5dd4158dd8c48796fac22701435718fb076e456b
https://github.com/Checkmk/checkmk/commit/5dd4158dd8c48796fac22701435718fb0…
Author: Rebekka Seltmann <rebekka.seltmann(a)checkmk.com>
Date: 2024-03-21 (Thu, 21 Mar 2024)
Changed paths:
M agents/plugins/kaspersky_av
M tests/unit-shell/agents/plugins/test_kaspersky_av.sh
Log Message:
-----------
Generalize common agent plugin code root_owned()
Pass permissions, owner and group directly and document arguments
Change-Id: I29095c316e1a4cd8bd234b65cbcfbc3867f2a693
Commit: 844db71b552d19d31bc9e68e441cb7691f55ed46
https://github.com/Checkmk/checkmk/commit/844db71b552d19d31bc9e68e441cb7691…
Author: Rebekka Seltmann <rebekka.seltmann(a)checkmk.com>
Date: 2024-03-21 (Thu, 21 Mar 2024)
Changed paths:
A .werks/16198.md
M agents/plugins/mk_informix
Log Message:
-----------
mk_informix: Do not allow privilege escalation
The informix database monitoring plugin would previously `eval` statements parsed from
`$INFORMIXDIR/bin/onstat`. Since the plugin is usually run as root, this could cause
statements injected in `$INFORMIXDIR/bin/onstat` to be run as root as well.
By adding scripts named the same as other functionality found in `$PATH` to
`$INFORMIXDIR/bin`, `$PATH` functionality could also be overshadowed and the custom
executed as root.
Finally, `$INFORMIXDIR/bin/onstat` would be executed as root, allowing a substituted
script to be run with elevated privileges.
With this werk, the environment variables will be exported instead and `$PATH` will now be
searched before `$INFORMIXDIR/bin`.
The plugin will now also check if `$INFORMIXDIR/bin/onstat` belongs to root if the plugin
is executed as root. If not, it will be executed as the user owning the executable.
Change-Id: Idfe1d31c80998c6067baa718df9fb0a5c293eb27
JIRA-Ref: CMK-15000
Commit: 0d24b786d29f66e38450ba9cd41b5247fde1a7d0
https://github.com/Checkmk/checkmk/commit/0d24b786d29f66e38450ba9cd41b5247f…
Author: Leonardo Petrora <leonardo.petrora(a)checkmk.com>
Date: 2024-03-21 (Thu, 21 Mar 2024)
Changed paths:
M cmk/gui/openapi/restful_objects/code_examples.py
Log Message:
-----------
Update `curl` examples in the REST API documentation
As curl is not suited for writing large scripts, when using our REST
API. In order to not confuse customers we did the following:
* Moved the curl tab to the last position, such that it is less
prominent
* Removed the if/else complexity. Only a singular `curl` call remains
* Added a warning message that `curl` should not be used for writing
large scripts and the code is provided for debugging purposes only.
CMK-14077
Change-Id: I057189e82eb9b29d7dd4aa77c1a7d441cad5dc43
Compare:
https://github.com/Checkmk/checkmk/compare/9be89ebd115b...0d24b786d29f
To unsubscribe from these emails, change your notification settings at
https://github.com/Checkmk/checkmk/settings/notifications