[dev.icinga.com #3810] add executed cmd and execution errors as attribute to checks/eventhandlers #1226
Comments
Updated by mfriedrich on 2013-03-08 20:18:38 +00:00
if it works out, this can be used for finally resolving #1137 |
Updated by mfriedrich on 2013-03-08 20:21:25 +00:00 furthermore, as commands may contain sensitive information, we should re-use the "authorized_for_full_command_resolution" option from cgi.cfg in order to explicitely allow users to view the executed command. plus - add some javascript to optionally slide it in. |
Updated by mfriedrich on 2013-03-10 20:43:45 +00:00 some ido backend queries for the *status tables where we gonna use that from icinga-web.
|
Updated by mfriedrich on 2013-03-10 21:06:16 +00:00 for the error/debug field, as well as event handlers, i have no special idea right now. |
Updated by mfriedrich on 2013-03-11 13:18:08 +00:00 might be a good idea to make this optional, as the checkresult files may relate to security concerns then too. |
Updated by mfriedrich on 2013-03-11 18:08:43 +00:00
during a long discussion this was reflected as potential security risk exposing user macros and custom variables containing sensitive information. which may be leaked in the checkresult files, as well as within the data structures themselves. so this won't be lost, but kept on a different branch, not currently released (and likely never, but that's another story). basically if the checkresult processing would happen in memory on the process itsself, it would be just the application's problem to limit the view on it. but with the core writing temporary files this is currently not possible. |
Updated by mfriedrich on 2014-01-03 20:18:44 +00:00
|
Updated by mfriedrich on 2014-07-19 13:02:18 +00:00
Too much security exposure involved. |
This issue has been migrated from Redmine: https://dev.icinga.com/issues/3810
Created by mfriedrich on 2013-03-08 15:33:32 +00:00
Assignee: (none)
Status: Rejected (closed on 2014-07-19 13:02:18 +00:00)
Target Version: (none)
Last Update: 2014-07-19 13:02:18 +00:00 (in Redmine)
which may be populated by the core
for those 2 features, qualified export to backends (status.dat, idoutils) should be added as attributes, plus support on classic ui and icinga web too.
inherited from this idea: http://feedback.icinga.org/forums/50329-general/suggestions/3309957-make-eventhandler-output-visible-especially-error
Changesets
2013-03-10 13:26:02 +00:00 by (unknown) c3f564f
2013-03-10 20:56:02 +00:00 by (unknown) 4945c54
2013-03-10 21:04:12 +00:00 by (unknown) 1f16e1e
2013-03-11 18:03:29 +00:00 by (unknown) f65e32a
Relations:
The text was updated successfully, but these errors were encountered: