Potential security flaw?


Setting: A fresh Icinga2 master with Director v1.7.2, configured with a Director DB dump of another Icinga2 master (same Director version) and a full but disabled host set (there was not a single host active from the imported DB dump), BUT still including the old master as an endpoint of the master zone.

Question: Is there a possibility that this new Icinga2 master’s Director would successfully deploy its empty host set to the active configuration of the old master? Given the fact that both are in the same net and reachable through the firewall, but without any PKI configuration in order to connect them, just by keeping the old master as an endpoint of the new one.

I posted our approach here: Director import from existing Icinga2/Director

The motivation was setting up another new Director by copying generic parts of the config.

Interestingly, we observed this odd behavior where every host disappeared in the Icingaweb2 frontend on the old master. The problem could be solved by removing the old endpoint (on the new system) and reapplying the config (on the old).

Best regards,

Hello there 🙂

I am not sure if I understand what you mean all that well…

So, in order to deploy, you need a user and a password. If the old system has the same user & password and you tell it that it should be deployed there, it only makes sense to me that it would…?

Am I missing something here?