Ad Widget

Collapse

PATCH: Tightening up permissions in web frontend

Collapse
X
Collapse
 
  • Page of 1
  • Time
  • Show
Clear All
new posts
Previous template Next
  • cameronsto
    Senior Member
    • Oct 2005
    • 148
    #1

    PATCH: Tightening up permissions in web frontend

    Removed the read-only access of the guest user and noticed some things were still available/shown to anonymous users:
    1. 'Triggers' link still shown under 'Monitoring'
    2. 'Hosts' link still shown under 'Configuration Management'
    3. 'Reports' page still available

    The attached patches fix these issues, so removing the read-only permissions of the guest account prevents anonymous users from seeing any information.

    'config.inc.php.diff.txt' can be run from your 'zabbix' root web directory. For example, mine is /var/www/html/zabbix.

    'report1.php.diff.txt' can be run from the next level up. Mine would be /var/www/html.

    -cameron
    Attached Files
    Tags: None
    • shalako
      Member
      • Apr 2006
      • 30
      #2
      how to apply these patches?

      Could you tell me how to apply these patches? I thought I might use patch (patch -b origfile patchfile) but looking at the patch files themselves i'm wondering what they do. do they create new include_new and zabbix_new directories and put the patched version there?

        Comment

        • amcorreia
          Member
          • Mar 2006
          • 73
          #3
          Originally posted by shalako
          Could you tell me how to apply these patches? I thought I might use patch (patch -b origfile patchfile) but looking at the patch files themselves i'm wondering what they do. do they create new include_new and zabbix_new directories and put the patched version there?
          before you install. (make install)
          inside directory zabbix-VERSION/frontends/php
          patch < file_of_patch

          or after you install

          inside your root install web files.
          patch < file_of_patch


          excuse my indian's inglish hehehehehe

            Comment

            • cameronsto
              Senior Member
              • Oct 2005
              • 148
              #4
              Please note this patch might not work with the latest 1.1 release. This was made back in the earlier beta releases of 1.1.

              -cameron

                Comment

                • DiedX
                  Senior Member
                  • Oct 2004
                  • 106
                  #5
                  Cameron, great work!
                  https://www.diederik.nl

                    Comment

                    Previous template Next
                    Working...