Uploaded image for project: 'ZABBIX BUGS AND ISSUES'
  1. ZABBIX BUGS AND ISSUES
  2. ZBX-9425

global script permissions should be checked on server side

    XMLWordPrintable

    Details

      Description

      There is a feature in Zabbix that allows to execute a global script using a particular host as target through frontend.

      Such global scripts have a setting which permit only a certain user group to execute them. Currently, these permissions are checked on the frontend side, but anyone with access to Zabbix trapper port can execute any of the configured scripts.

      This is deemed to be an artifact of node-based monitoring, where it was possible to execute a script on a different node, but user session was only present on the user's node. With nodes removed, this restriction no longer applies. Therefore, permissions should be checked on the server side based on user's session.

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              Unassigned
              Reporter:
              asaveljevs Aleksandrs Saveljevs
              Votes:
              0 Vote for this issue
              Watchers:
              6 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved: