One idea that we do here is to chroot the entire nagios dir and all
related components (mysql, apache, etc). The parent directory of the
chroot is owned by root and set to 700 perm's. It requires a bit of
tweaking to get it right and lots of reading through log files to work
out the inital bugs, but once that's done, it works. For that matter,
the server itself is virtualized... so its chrooted within a virtualized
container.
Are you concerned with users getting in through the web page and
accessing the raw files and then knowing about your inside network or
employees gaining physical access to the server? The approach to protect
each is different. Or perhaps you're passing username/password combos in
some of the cfg files (ie: http testing, etc), so you want to hide that?
Easier solution is a nagios user with limited access to use for this
purpose. If you can elaborate on your areas of concern, we could
probably offer further input.
A. Davis
Email: ncc...@gmail.com
"There is no limit to what a man can accomplish
if he doesn't care who gets the credit." - Ronald Reagan
Mat W wrote:
if the idea is for others not to see it... why not just ensure proper
file ownership and limited permissions?
Assuming only Root and Nagios users can read the file... I'd think
anyone that could become those users should be able to read them anyway.
--
Mat W. - http://www.techadre.com <http://www.techadre.com/>
------------------------------------------------------------------------
Date: Tue, 16 Jun 2009 11:53:11 -0400
From: ebadd...@gmail.com
To: nagios-users@lists.sourceforge.net
Subject: [Nagios-users] Configuration files obfuscation
Hi,
is ther a way to obfuscate configuration files?
edward
------------------------------------------------------------------------
Bing™ brings you maps, menus, and reviews organized in one place. Try
it now.
<http://www.bing.com/search?q=restaurants&form=MLOGEN&publ=WLHMTAG&crea=TEXT_MLOGEN_Core_tagline_local_1x1>
------------------------------------------------------------------------
------------------------------------------------------------------------------
Crystal Reports - New Free Runtime and 30 Day Trial
Check out the new simplified licensing option that enables unlimited
royalty-free distribution of the report engine for externally facing
server and web deployment.
http://p.sf.net/sfu/businessobjects
------------------------------------------------------------------------
_______________________________________________
Nagios-users mailing list
Nagios-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting any issue.
::: Messages without supporting info will risk being sent to /dev/null
------------------------------------------------------------------------------
Crystal Reports - New Free Runtime and 30 Day Trial
Check out the new simplified licensing option that enables unlimited
royalty-free distribution of the report engine for externally facing
server and web deployment.
http://p.sf.net/sfu/businessobjects
_______________________________________________
Nagios-users mailing list
Nagios-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting
any issue.
::: Messages without supporting info will risk being sent to /dev/null