Why guest users may edit trigger comments?

  • Mox
    Member
    • Sep 2009
    • 90

    #1

    Why guest users may edit trigger comments?

    Now, in Zabbix 1.8.3, guest users can edit trigger comments.
    Is it a feature or a bug?

    I mean that it is not necessary. IMHO only administrators should edit trigger comments.
    Last edited by Mox; 21-09-2010, 15:18. Reason: some grammatic changes
  • Mox
    Member
    • Sep 2009
    • 90

    #2
    any ideas?


    • richlv
      Senior Member
      Zabbix Certified Trainer
      Zabbix Certified Specialist
      Zabbix Certified Professional
      • Oct 2005
      • 3112

      #3
      if true, it definitely is a bug. please, report on the tracker
      Zabbix 3.0 Network Monitoring book


      • Mox
        Member
        • Sep 2009
        • 90

        #4
        Originally posted by richlv
        if true, it definitely is a bug. please, report on the tracker
        excuse me, where can I find a similar tracker?


        • richlv
          Senior Member
          Zabbix Certified Trainer
          Zabbix Certified Specialist
          Zabbix Certified Professional
          • Oct 2005
          • 3112

          #5
          not sure about similarity, but zabbix bugtracker is located at https://support.zabbix.com
          Zabbix 3.0 Network Monitoring book


          • Mox
            Member
            • Sep 2009
            • 90

            #6
            thank you very much!


            • James Wells
              Senior Member
              • Jun 2005
              • 664

              #7
              Greetings,
              Originally posted by Mox
              Now, in Zabbix 1.8.3, guest users can edit trigger comments.
              Yes and no. They can edit alert comments, but not trigger comments. When a trigger fires, an alert is generated. During this process the trigger comments are copied to the alert comments. Anyone can append to the alert comments, but they cannot change the trigger comments as there is no mechanism for returning the data back to the trigger that caused the alert.

              I mean that it is not necessary. IMHO only administrators should edit trigger comments.
              This was originally put in to allow people working on the alert to communicate directly through the Zabbix UI by commenting directly on the alert.
              Unofficial Zabbix Developer


              • richlv
                Senior Member
                Zabbix Certified Trainer
                Zabbix Certified Specialist
                Zabbix Certified Professional
                • Oct 2005
                • 3112

                #8
                unfortunately, not really

                if i got you correctly, you are talking about acknowledges - what is happening instead, guest (or most likely also any other user) with r/o access to a host can now edit trigger comments, which get saved to trigger configuration. a bug that should be fixed, of course.
                Zabbix 3.0 Network Monitoring book


                • Mox
                  Member
                  • Sep 2009
                  • 90

                  #9
                  richlv is right. I'm talking about trigger comments (monitoring->triggers->comments:add/show).
                  Not about acknowledges (monitoring->events->ack:yes/no).
                  Or I understand you incorrectly (I don't understand what 'alert comments' is).
                  Last edited by Mox; 27-09-2010, 22:19.


                  • James Wells
                    Senior Member
                    • Jun 2005
                    • 664

                    #10
                    Originally posted by richlv
                    if i got you correctly, you are talking about acknowledges
                    Nope, was talking about the alert comments. When you go to the trigger status page, the far right column (Comments) used to be read not from the triggers table, but from the alerts table. And it used to work the way I described above.

                    Acknowledges are yet another table and the comments there were meant for one purpose only: to silence actions, while keeping an auditable log of who ack'd an alert and when.

                    what is happening instead, guest (or most likely also any other user) with r/o access to a host can now edit trigger comments, which get saved to trigger configuration. a bug that should be fixed, of course
                    Yeah, I found that out after reading your reply. The only good thing about the bug is that it does not propagate the edits up the tree or to other branches. As such it is easy to repair the damage by re-pushing the trigger configuration from the template. But yes, that bug needs to be fixed.
                    Unofficial Zabbix Developer


                    • richlv
                      Senior Member
                      Zabbix Certified Trainer
                      Zabbix Certified Specialist
                      Zabbix Certified Professional
                      • Oct 2005
                      • 3112

                      #11
                      Originally posted by James Wells
                      Nope, was talking about the alert comments. When you go to the trigger status page, the far right column (Comments) used to be read not from the triggers table, but from the alerts table. And it used to work the way I described above.
                      hmm. are you sure? alerts table is used to store actual alerts, which are not really visible in the triggers table, and checking schemas of several zabbix versions i can't find any indications that it's been otherwise before
                      Zabbix 3.0 Network Monitoring book


                      • Mox
                        Member
                        • Sep 2009
                        • 90

                        #12
                        resolved
