Branch: refs/heads/2.2.0
Home:
https://github.com/Checkmk/checkmk
Commit: 84dd7511986e29bec46a31347eb11f0fc9a78909
https://github.com/Checkmk/checkmk/commit/84dd7511986e29bec46a31347eb11f0fc…
Author: Hannes Rantzsch <hannes.rantzsch(a)checkmk.com>
Date: 2024-05-28 (Tue, 28 May 2024)
Changed paths:
A .werks/15200
M active_checks/check_sftp
M cmk/gui/plugins/wato/active_checks/sftp.py
Log Message:
-----------
15200 SEC Restrict check_sftp local paths
check_sftp now only allows uploading files from and downloading files to
a dedicated directory in SITE_HOME/var. While the names and general
meaning of the command line arguments remain unchanged, paths are now
always interpreted relative to that dedicated directory.
Attempting to escape from this directory (path traversal) will cause the
check to abort and fail.
Change-Id: Iaa369dfbfdad9140fb8367514fd68a578b40c5e8
To unsubscribe from these emails, change your notification settings at
https://github.com/Checkmk/checkmk/settings/notifications