Zen

Translation

Therefore, several versions ago, Cacti was enhanced to provide Whitelist capabilities on the these types of Data Input Methods. Though this does secure Cacti more thoroughly, it does increase the amount of work required by the Cacti administrator to import and manage Templates and Packages.
0/2920 · 292

Sign in to save translations.

English Ukrainian Actions
If you are installing packages, once the packages are installed, you should change the scripts directory back to read only as this presents some exposure to the web site.
 
For remote pollers, it is critical that the paths that you will be updating frequently, including the plugins, scripts, and resources paths have read/write access as the data collector will have to update these paths from the main web server content.
 
Required Writable at Install Time Only
 
Not Writable
 
Required Writable after Install Complete
 
Potential permission issues
 
Please make sure that your webserver has read/write access to the cacti folders that show errors below.
 
If SELinux is enabled on your server, you can either permanently disable this, or temporarily disable it and then add the appropriate permissions using the SELinux command-line tools.
 
The user '%s' should have MODIFY permission to enable read/write.
 
An example of how to set folder permissions is shown here, though you may need to adjust this depending on your operating system, user accounts and desired permissions.
 
EXAMPLE:
 
Once installation has completed the CSRF path, should be set to read-only.
 
All folders are writable
 
Input Validation Whitelist Protection
 
Cacti Data Input methods that call a script can be exploited in ways that a non-administrator can perform damage to either files owned by the poller account, and in cases where someone runs the Cacti poller as root, can compromise the operating system allowing attackers to exploit your infrastructure.
 
Therefore, several versions ago, Cacti was enhanced to provide Whitelist capabilities on the these types of Data Input Methods. Though this does secure Cacti more thoroughly, it does increase the amount of work required by the Cacti administrator to import and manage Templates and Packages.
 
The way that the Whitelisting works is that when you first import a Data Input Method, or you re-import a Data Input Method, and the script and or arguments change in any way, the Data Input Method, and all the corresponding Data Sources will be immediatly disabled until the administrator validates that the Data Input Method is valid.
 
To make identifying Data Input Methods in this state, we have provided a validation script in Cacti's CLI directory that can be run with the following options:
 
This script option will search for any Data Input Methods that are currently banned and provide details as to why.
 
This script option un-ban the Data Input Methods that are currently banned.
 
This script option will re-enable any disabled Data Sources.
 
It is strongly suggested that you update your config.php to enable this feature by uncommenting the <b>$input_whitelist</b> variable and then running the three CLI script options above after the web based install has completed.
 
Check the Checkbox below to acknowledge that you have read and understand this security concern
 
I have read this statement
 
Default Profile
 
Please select the default Data Source Profile to be used for polling sources. This is the maximum amount of time between scanning devices for information so the lower the polling interval, the more work is placed on the Cacti Server host. Also, select the intended, or configured Cron interval that you wish to use for Data Collection.
 
Cron Interval
 
Default Automation Network
 
Cacti can automatically scan the network once installation has completed. This will utilise the network range below to work out the range of IPs that can be scanned. A predefined set of options are defined for scanning which include using both 'public' and 'private' communities.
 
If your devices require a different set of options to be used first, you may define them below and they will be utilized before the defaults
 
All options may be adjusted post installation
 
User avatar anonymous

Suggestion added

Таким чином, кілька версій тому Cacti було вдосконалено, щоб надати можливості білого списку для цих типів методів введення даних. Незважаючи на те, що це надійніше захищає Cacti, це збільшує обсяг роботи, необхідний адміністратору Cacti для імпорту та керування шаблонами та пакетами.

Suggested change:

Таким чином, кілька версій тому Cacti було вдосконалено, щоб надати можливості білого списку для цих типів методів введення даних. Незважаючи на те, що це надійніше захищає Cacti, це збільшує обсяг роботи, необхідний адміністратору Cacti для імпорту та керування шаблонами та пакетами.
2 months ago

Loading…

User avatar anonymous

Suggestion added
Therefore, several versions ago, Cacti was enhanced to provide Whitelist capabilities on the these types of Data Input Methods. Though this does secure Cacti more thoroughly, it does increase the amount of work required by the Cacti administrator to import and manage Templates and Packages.
Таким чином, кілька версій тому Cacti було вдосконалено, щоб надати можливості білого списку для цих типів методів введення даних. Незважаючи на те, що це надійніше захищає Cacti, це збільшує обсяг роботи, необхідний адміністратору Cacti для імпорту та керування шаблонами та пакетами.
2 months ago
Browse all string changes

Things to check

Suggestions

There is 1 suggestion for this string.

View

Inconsistent

This string has more than one translation in this project or is untranslated in some components.

Reset

Glossary

English Ukrainian
Cacti Cacti Cacti

533602 String information

Source string location
lib/installer.php:2428
String age
2 years ago
Last updated
3 months ago
Source string age
2 years ago
Translation file
locales/po/uk-UA.po, string 3494