http://bugzilla.opensuse.org/show_bug.cgi?id=1028975 http://bugzilla.opensuse.org/show_bug.cgi?id=1028975#c5 --- Comment #5 from Lars Vogdt <lars.vogdt@suse.com> --- JFYI from the changelog: -------------------------------------------------------------------- Fri Jul 8 11:35:37 UTC 2011 - lars@linux-schulserver.de - removed setuid bit from /var/spool/nagios - configure the right permissions on service start instead --------------------------------------------------------------------
From my memory: setting the setguid (I assume the "setuid" in the changes file is a typo) bit for the directory would allow any application in the nagioscmd group to write into this directory.
While this might be wanted for most systems, the current "default" is a bit more secure as it only allows the nagios daemon itself to write into the directory. Using a permissions file, that allows to adapt the permissions for the directory, might be a possible solution here that allows a very secure standard installation while informed users could change the setup via the permission file (and calling "chkstat --system --set"). -- You are receiving this mail because: You are on the CC list for the bug.