You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
If I am correct, but not 100% sure, the system.run[*] at this agent config allows the Zabbix server to execute whatever script it wants. Last year I heard about some major security issues with software like Kaseya which allowed the server to install/run elevated commands on workstations.
The system[*] gives me the same feeling, will it allow the Zabbix to do whatever it wants and what if somebody is able to hack my suppliers Zabbix server?
Wouldn't it be much better to restrict the AllowKey to only allow it to run the specific PowerShell script?
The text was updated successfully, but these errors were encountered:
If I am correct, but not 100% sure, the system.run[*] at this agent config allows the Zabbix server to execute whatever script it wants. Last year I heard about some major security issues with software like Kaseya which allowed the server to install/run elevated commands on workstations.
The system[*] gives me the same feeling, will it allow the Zabbix to do whatever it wants and what if somebody is able to hack my suppliers Zabbix server?
Wouldn't it be much better to restrict the AllowKey to only allow it to run the specific PowerShell script?
The text was updated successfully, but these errors were encountered: