If I am correct, but not 100% sure, the system.run[*] at this agent config allows the Zabbix server to execute whatever script it wants. Last year I heard about some major security issues with software like Kaseya which allowed the server to install/run elevated commands on workstations.
The system[*] gives me the same feeling, will it allow the Zabbix to do whatever it wants and what if somebody is able to hack my suppliers Zabbix server?
Wouldn't it be much better to restrict the AllowKey to only allow it to run the specific PowerShell script?
If I am correct, but not 100% sure, the system.run[*] at this agent config allows the Zabbix server to execute whatever script it wants. Last year I heard about some major security issues with software like Kaseya which allowed the server to install/run elevated commands on workstations.
The system[*] gives me the same feeling, will it allow the Zabbix to do whatever it wants and what if somebody is able to hack my suppliers Zabbix server?
Wouldn't it be much better to restrict the AllowKey to only allow it to run the specific PowerShell script?