You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
After integrating telegram in Zabbix, our CIS L1 benchmarks shows that de directory zbxtg created by the zbxtg.py script is world writable and has no sticky bit. This is solvable by making a change in the main() function of zbxtg.py:
So, the change is adding the sticky bit mask stat.S_ISVTX to the list of other bits. I purposely prepended the list because the sticky bit has a higher number (512) compared to the other ones where the highest one is stat.S_IRWXU (448).
Keep up the good work! Hopefully you can add this fix. We tested sending out messages and everything still works okay after applying this fix.
The text was updated successfully, but these errors were encountered:
After integrating telegram in Zabbix, our CIS L1 benchmarks shows that de directory zbxtg created by the zbxtg.py script is world writable and has no sticky bit. This is solvable by making a change in the main() function of zbxtg.py:
#os.chmod(tmp_dir, stat.S_IRWXU | stat.S_IRWXG | stat.S_IRWXO)
os.chmod(tmp_dir, stat.S_ISVTX | stat.S_IRWXU | stat.S_IRWXG | stat.S_IRWXO)
So, the change is adding the sticky bit mask stat.S_ISVTX to the list of other bits. I purposely prepended the list because the sticky bit has a higher number (512) compared to the other ones where the highest one is stat.S_IRWXU (448).
Keep up the good work! Hopefully you can add this fix. We tested sending out messages and everything still works okay after applying this fix.
The text was updated successfully, but these errors were encountered: