[ZBXNEXT-3953] Allow frontend script command to be hidden from users Created: 2017 Jun 23 Updated: 2020 Jul 09 |
|
Status: | Open |
Project: | ZABBIX FEATURE REQUESTS |
Component/s: | Frontend (F) |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | Change Request | Priority: | Trivial |
Reporter: | Raymond Kuiper | Assignee: | Unassigned |
Resolution: | Unresolved | Votes: | 4 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Issue Links: |
|
Description |
When running a script from the Zabbix frontend, the command being run will be shown. However, sometimes it is needed to pass secret data like a password to a script and in such cases it would be useful if we can suppress showing the command to be run. Another possibility could be to hide the command based on the user type of the user running the script (user, admin, super admin) to allow for some more fine grained control. |
Comments |
Comment by Marc [ 2017 Jun 24 ] |
Wouldn't it be even better from a security point of view to support passing data via stdin instead? |
Comment by Evgeny Molchanov [ 2018 Oct 23 ] |
As a temporary solution, we use this patch (zabbix 3.4.14): --- scripts_exec.php.orig 2018-10-23 00:42:13.294992876 +0300 +++ scripts_exec.php 2018-10-23 10:28:14.548676391 +0300 @@ -83,6 +83,7 @@ $error_exist = true; } else { + $data['command'] = ''; $data['message'] = $result['value']; } } |
Comment by Marc [ 2018 Oct 23 ] |
Possibly support of optionally encrypted User macros (that are not supposed to be resolvable by the Zabbix frontend) may help here too. |
Comment by Elias Pizarro [ 2019 Apr 20 ] |
Zabbix 4.2 /usr/share/zabbix/app/views/popup.scriptexec.php .... # Hide commands $data['command'] = ''; $output = [ 'header' => $data['title'], 'body' => (new CForm()) ->addItem([ $data['errors'], (new CTabView())->addTab('scriptTab', null, (new CPre( (new CList([bold($data['command']), SPACE, $data['message']])) )) ) ]) ->toString(), 'buttons' => null ]; ... |