On 2 March 2013 06:44, Larry Barber <user-6ef9c2864140@xymon.invalid> wrote:
It could allow bogus reports to be sent to the Xymon server, maybe hiding
something malicious.
I can do that using telnet, or in the absence of telnet, I can use bash.
The binaries make it slightly more convenient, that's all.
Also, a lot of security scans will pick up on things that are world
executable and not in one of the standard directories (like /usr/bin, /bin,
etc.).
Really! Why? I've never seen this, except when the script is also
world-writeable. What security scanner(s) are you referring to?
Lots of users write their own scripts and keep them in their home
directories. Sysadmins write scripts like this all the time. I'm not sure
this is a useful security stance.
J