Hi Matthew,

this file is used to create a checksum for the local configuration
snapshots at time of change activation.
I checked on one of my old systems and it had the same settings (666). I
moved this file and made one config change.
After activation i had a new secret file now with (660).

For the complete local snapshot mechanic you find inside the source the
comment --> "# TODO: Remove once new changes mechanism has been implemented"
:)

Best regards
Andreas

Am Sa., 12. Okt. 2019 um 08:11 Uhr schrieb Ralf Prengel <
ralf.pren...@rprengel.de>:

> You can contact the developer using this address
> secur...@check-mk.org
>
> Von meinem iPad gesendet
>
> Am 12.10.2019 um 00:00 schrieb "matthew.st...@us.fujitsu.com" <
> matthew.st...@us.fujitsu.com>:
>
> 
>
> The company I work at, uses Rapid7 for security analysis.
>
>
>
> Ran a scan against one of my CheckMK servers, and got the following.
>
>
>
> Since I had already updated all the sites on this host to 1.6.0p3, I
> simply uninstalled the previous packages to address all the
> /opt/omd/versions/1.5.0p22 issues.
>
>
>
> However, the first line, leaves me puzzling….
>
>
>
> The file does have January 2016 timestamp, and this site had been created
> by cloning the entire host.  (Clone host. Delete folders that will not be
> kept on that host. Rename site on new host.)  Original site was created
> during the 1.4’s, and cloned in the early 1.5’s.
>
>
>
> The following world writable files were found.
>
> /opt/omd/sites/scp/etc/check_mk/snapshot.secret (-rw-rw-rw-)
>
> /opt/omd/versions/1.5.0p22.cre/lib/python/boto3-1.9.42-py2.7.egg-info/dependency_links.txt
> (-rw-rw-rw-)
>
> /opt/omd/versions/1.5.0p22.cre/lib/python/boto3-1.9.42-py2.7.egg-info/PKG-INFO
> (-rw-rw-rw-)
>
> /opt/omd/versions/1.5.0p22.cre/lib/python/boto3-1.9.42-py2.7.egg-info/requires.txt
> (-rw-rw-rw-)
>
> /opt/omd/versions/1.5.0p22.cre/lib/python/boto3-1.9.42-py2.7.egg-info/SOURCES.txt
> (-rw-rw-rw-)
>
> /opt/omd/versions/1.5.0p22.cre/lib/python/boto3-1.9.42-py2.7.egg-info/top_level.txt
> (-rw-rw-rw-)
>
> /opt/omd/versions/1.5.0p22.cre/lib/python/boto3/data/cloudformation/2010-05-15/resources-1.json
> (-rw-rw-rw-)
>
> /opt/omd/versions/1.5.0p22.cre/lib/python/boto3/data/cloudwatch/2010-08-01/resources-1.json
> (-rw-rw-rw-)
>
> /opt/omd/versions/1.5.0p22.cre/lib/python/boto3/data/dynamodb/2012-08-10/resources-1.json
> (-rw-rw-rw-)
>
> /opt/omd/versions/1.5.0p22.cre/lib/python/boto3/data/ec2/2014-10-01/resources-1.json
> (-rw-rw-rw-)
>
> /opt/omd/versions/1.5.0p22.cre/lib/python/boto3/data/ec2/2015-03-01/resources-1.json
> (-rw-rw-rw-)
>
> /opt/omd/versions/1.5.0p22.cre/lib/python/boto3/data/ec2/2015-04-15/resources-1.json
> (-rw-rw-rw-)
>
> /opt/omd/versions/1.5.0p22.cre/lib/python/boto3/data/ec2/2015-10-01/resources-1.json
> (-rw-rw-rw-)
>
> /opt/omd/versions/1.5.0p22.cre/lib/python/boto3/data/ec2/2016-04-01/resources-1.json
> (-rw-rw-rw-)
>
> /opt/omd/versions/1.5.0p22.cre/lib/python/boto3/data/ec2/2016-09-15/resources-1.json
> (-rw-rw-rw-)
>
> /opt/omd/versions/1.5.0p22.cre/lib/python/boto3/data/ec2/2016-11-15/resources-1.json
> (-rw-rw-rw-)
>
> /opt/omd/versions/1.5.0p22.cre/lib/python/boto3/data/glacier/2012-06-01/resources-1.json
> (-rw-rw-rw-)
>
> /opt/omd/versions/1.5.0p22.cre/lib/python/boto3/data/iam/2010-05-08/resources-1.json
> (-rw-rw-rw-)
>
> /opt/omd/versions/1.5.0p22.cre/lib/python/boto3/data/opsworks/2013-02-18/resources-1.json
> (-rw-rw-rw-)
>
> /opt/omd/versions/1.5.0p22.cre/lib/python/boto3/data/s3/2006-03-01/resources-1.json
> (-rw-rw-rw-)
>
> /opt/omd/versions/1.5.0p22.cre/lib/python/boto3/data/sns/2010-03-31/resources-1.json
> (-rw-rw-rw-)
>
> /opt/omd/versions/1.5.0p22.cre/lib/python/boto3/data/sqs/2012-11-05/resources-1.json
> (-rw-rw-rw-)
>
> /opt/omd/versions/1.5.0p22.cre/lib/python/MySQL_python-1.2.5-py2.7.egg-info/dependency_links.txt
> (-rw-rw-rw-)
>
> /opt/omd/versions/1.5.0p22.cre/lib/python/MySQL_python-1.2.5-py2.7.egg-info/PKG-INFO
> (-rw-rw-rw-)
>
> /opt/omd/versions/1.5.0p22.cre/lib/python/MySQL_python-1.2.5-py2.7.egg-info/SOURCES.txt
> (-rw-rw-rw-)
>
> /opt/omd/versions/1.5.0p22.cre/lib/python/MySQL_python-1.2.5-py2.7.egg-info/top_level.txt
> (-rw-rw-rw-)
>
> /opt/omd/versions/1.5.0p22.cre/lib/python/pbr/tests/testpackage/CHANGES.txt
> (-rw-rw-rw-)
>
> /opt/omd/versions/1.5.0p22.cre/lib/python/pbr/tests/testpackage/data_files/a.txt
> (-rw-rw-rw-)
>
> /opt/omd/versions/1.5.0p22.cre/lib/python/pbr/tests/testpackage/data_files/b.txt
> (-rw-rw-rw-)
>
> /opt/omd/versions/1.5.0p22.cre/lib/python/pbr/tests/testpackage/data_files/c.rst
> (-rw-rw-rw-)
>
> /opt/omd/versions/1.5.0p22.cre/lib/python/pbr/tests/testpackage/doc/source/conf.py
> (-rw-rw-rw-)
>
> /opt/omd/versions/1.5.0p22.cre/lib/python/pbr/tests/testpackage/doc/source/index.rst
> (-rw-rw-rw-)
>
> /opt/omd/versions/1.5.0p22.cre/lib/python/pbr/tests/testpackage/doc/source/installation.rst
> (-rw-rw-rw-)
>
> /opt/omd/versions/1.5.0p22.cre/lib/python/pbr/tests/testpackage/doc/source/usage.rst
> (-rw-rw-rw-)
>
> /opt/omd/versions/1.5.0p22.cre/lib/python/pbr/tests/testpackage/extra-file.txt
> (-rw-rw-rw-)
>
> /opt/omd/versions/1.5.0p22.cre/lib/python/pbr/tests/testpackage/git-extra-file.txt
> (-rw-rw-rw-)
>
> /opt/omd/versions/1.5.0p22.cre/lib/python/pbr/tests/testpackage/LICENSE.txt
> (-rw-rw-rw-)
>
> /opt/omd/versions/1.5.0p22.cre/lib/python/pbr/tests/testpackage/MANIFEST.in
> (-rw-rw-rw-)
>
> /opt/omd/versions/1.5.0p22.cre/lib/python/pbr/tests/testpackage/pbr_testpackage/cmd.py
> (-rw-rw-rw-)
>
> /opt/omd/versions/1.5.0p22.cre/lib/python/pbr/tests/testpackage/pbr_testpackage/extra.py
> (-rw-rw-rw-)
>
> /opt/omd/versions/1.5.0p22.cre/lib/python/pbr/tests/testpackage/pbr_testpackage/__init__.py
> (-rw-rw-rw-)
>
> /opt/omd/versions/1.5.0p22.cre/lib/python/pbr/tests/testpackage/pbr_testpackage/package_data/1.txt
> (-rw-rw-rw-)
>
> /opt/omd/versions/1.5.0p22.cre/lib/python/pbr/tests/testpackage/pbr_testpackage/package_data/2.txt
> (-rw-rw-rw-)
>
> /opt/omd/versions/1.5.0p22.cre/lib/python/pbr/tests/testpackage/pbr_testpackage/_setup_hooks.py
> (-rw-rw-rw-)
>
> /opt/omd/versions/1.5.0p22.cre/lib/python/pbr/tests/testpackage/pbr_testpackage/wsgi.py
> (-rw-rw-rw-)
>
> /opt/omd/versions/1.5.0p22.cre/lib/python/pbr/tests/testpackage/README.txt
> (-rw-rw-rw-)
>
> /opt/omd/versions/1.5.0p22.cre/lib/python/pbr/tests/testpackage/setup.cfg
> (-rw-rw-rw-)
>
> /opt/omd/versions/1.5.0p22.cre/lib/python/pbr/tests/testpackage/setup.py
> (-rwxrwxrwx)
>
> /opt/omd/versions/1.5.0p22.cre/lib/python/pbr/tests/testpackage/src/testext.c
> (-rw-rw-rw-)
>
> /opt/omd/versions/1.5.0p22.cre/lib/python/pbr/tests/testpackage/test-requirements.txt
> (-rw-rw-rw-)
> _______________________________________________
> checkmk-en mailing list
> checkmk...@lists.mathias-kettner.de
> Manage your subscription or unsubscribe
> https://lists.mathias-kettner.de/cgi-bin/mailman/listinfo/checkmk-en
>
> _______________________________________________
> checkmk-de mailing list
> checkmk-de@lists.mathias-kettner.de
> Verwaltung & Abmeldung unter
> https://lists.mathias-kettner.de/cgi-bin/mailman/listinfo/checkmk-de
_______________________________________________
checkmk-de mailing list
checkmk-de@lists.mathias-kettner.de
Verwaltung & Abmeldung unter
https://lists.mathias-kettner.de/cgi-bin/mailman/listinfo/checkmk-de

Antwort per Email an