ID: 14925
Title: Tighten permissions for Event Console pipe and sockets
Component: Event Console
Level: 1
Class: Bug fix
Version: 2.2.0i1
For some internal communication of the <i>Event Console</i> Unix sockets are
used.
These reside in <tt>tmp/run/mkeventd/</tt> and used to be world readable.
Since these sockets are not meant to be used from site external scripts and we cannot
foresee the side-effects the permissions were changed so that only Checkmk can read and
write to them.
To make it easier to write custom events to the <i>Event Console</i> there is
a Unix pipe also in <tt>tmp/run/mkeventd/</tt>.
This pipe used to be world readable and writeable.
With this Werk the permission is changed so that the Pipe is only world writeable.
So custom scripts can still write events to this pipe but can no longer read from this
pipe.
If you used these sockets or pipe with custom scripts and rely on the previous
permissions, you still can change them (eg. with <tt>chmod</tt>).
Please be aware that we do not support this customization.