[asterisk-commits] tilghman: trunk r104039 - in /trunk: ./ doc/ include/asterisk/ main/
SVN commits to the Asterisk project
asterisk-commits at lists.digium.com
Fri Feb 22 16:55:36 CST 2008
Author: tilghman
Date: Fri Feb 22 16:55:35 2008
New Revision: 104039
URL: http://svn.digium.com/view/asterisk?view=rev&rev=104039
Log:
Move Originate to a separate privilege and require the additional System privilege to call out to a subshell.
Modified:
trunk/CHANGES
trunk/UPGRADE.txt
trunk/doc/manager_1_1.txt
trunk/include/asterisk/manager.h
trunk/main/manager.c
Modified: trunk/CHANGES
URL: http://svn.digium.com/view/asterisk/trunk/CHANGES?view=diff&rev=104039&r1=104038&r2=104039
==============================================================================
--- trunk/CHANGES (original)
+++ trunk/CHANGES Fri Feb 22 16:55:35 2008
@@ -48,6 +48,9 @@
* Updated action newcat to allow new category to be inserted in file above another
existing category.
* Added new event "JitterBufStats" in the IAX2 channel
+ * Originate now requires the Originate privilege and, if you want to call out
+ to a subshell, it requires the System privilege, as well. This was done to
+ enhance manager security.
Dialplan functions
------------------
Modified: trunk/UPGRADE.txt
URL: http://svn.digium.com/view/asterisk/trunk/UPGRADE.txt?view=diff&rev=104039&r1=104038&r2=104039
==============================================================================
--- trunk/UPGRADE.txt (original)
+++ trunk/UPGRADE.txt Fri Feb 22 16:55:35 2008
@@ -178,3 +178,6 @@
change your manager.conf to add the level to existing AMI users, if they
want to see the CDR events generated.
+* The Originate command now requires the Originate write permission. For
+ Originate with the Application parameter, you need the additional System
+ privilege if you want to do anything that calls out to a subshell.
Modified: trunk/doc/manager_1_1.txt
URL: http://svn.digium.com/view/asterisk/trunk/doc/manager_1_1.txt?view=diff&rev=104039&r1=104038&r2=104039
==============================================================================
--- trunk/doc/manager_1_1.txt (original)
+++ trunk/doc/manager_1_1.txt Fri Feb 22 16:55:35 2008
@@ -114,6 +114,11 @@
Added new headers for SayEnvelope, SayCID, AttachMessage, CanReview
and CallOperator voicemail configuration settings.
+- Action Originate
+ Now requires the new Originate privilege.
+ If you call out to a subshell in Originate with the Application parameter,
+ you now also need the System privilege.
+
* NEW ACTIONS
-------------
- Action: ModuleLoad
Modified: trunk/include/asterisk/manager.h
URL: http://svn.digium.com/view/asterisk/trunk/include/asterisk/manager.h?view=diff&rev=104039&r1=104038&r2=104039
==============================================================================
--- trunk/include/asterisk/manager.h (original)
+++ trunk/include/asterisk/manager.h Fri Feb 22 16:55:35 2008
@@ -69,6 +69,7 @@
#define EVENT_FLAG_REPORTING (1 << 9) /* Reporting events such as rtcp sent */
#define EVENT_FLAG_CDR (1 << 10) /* CDR events */
#define EVENT_FLAG_DIALPLAN (1 << 11) /* Dialplan events (VarSet, NewExten) */
+#define EVENT_FLAG_ORIGINATE (1 << 12) /* Originate a call to an extension */
/*@} */
/*! \brief Export manager structures */
Modified: trunk/main/manager.c
URL: http://svn.digium.com/view/asterisk/trunk/main/manager.c?view=diff&rev=104039&r1=104038&r2=104039
==============================================================================
--- trunk/main/manager.c (original)
+++ trunk/main/manager.c Fri Feb 22 16:55:35 2008
@@ -328,6 +328,7 @@
{ EVENT_FLAG_REPORTING, "reporting" },
{ EVENT_FLAG_CDR, "cdr" },
{ EVENT_FLAG_DIALPLAN, "dialplan" },
+ { EVENT_FLAG_ORIGINATE, "originate" },
{ -1, "all" },
{ 0, "none" },
};
@@ -2156,8 +2157,23 @@
}
}
} else if (!ast_strlen_zero(app)) {
+ /* To run the System application (or anything else that goes to shell), you must have the additional System privilege */
+ if (!(s->writeperm & EVENT_FLAG_SYSTEM)
+ && (
+ strcasestr(app, "system") == 0 || /* System(rm -rf /)
+ TrySystem(rm -rf /) */
+ strcasestr(app, "exec") || /* Exec(System(rm -rf /))
+ TryExec(System(rm -rf /)) */
+ strcasestr(app, "agi") || /* AGI(/bin/rm,-rf /)
+ EAGI(/bin/rm,-rf /) */
+ strstr(appdata, "SHELL") || /* NoOp(${SHELL(rm -rf /)}) */
+ strstr(appdata, "EVAL") /* NoOp(${EVAL(${some_var_containing_SHELL})}) */
+ )) {
+ astman_send_error(s, m, "Originate with certain 'Application' arguments requires the additional System privilege, which you do not have.");
+ return 0;
+ }
res = ast_pbx_outgoing_app(tech, AST_FORMAT_SLINEAR, data, to, app, appdata, &reason, 1, l, n, vars, account, NULL);
- } else {
+ } else {
if (exten && context && pi)
res = ast_pbx_outgoing_exten(tech, AST_FORMAT_SLINEAR, data, to, context, exten, pi, &reason, 1, l, n, vars, account, NULL);
else {
@@ -3641,7 +3657,7 @@
ast_manager_register2("CreateConfig", EVENT_FLAG_CONFIG, action_createconfig, "Creates an empty file in the configuration directory", mandescr_createconfig);
ast_manager_register2("ListCategories", EVENT_FLAG_CONFIG, action_listcategories, "List categories in configuration file", mandescr_listcategories);
ast_manager_register2("Redirect", EVENT_FLAG_CALL, action_redirect, "Redirect (transfer) a call", mandescr_redirect );
- ast_manager_register2("Originate", EVENT_FLAG_CALL, action_originate, "Originate Call", mandescr_originate);
+ ast_manager_register2("Originate", EVENT_FLAG_ORIGINATE, action_originate, "Originate Call", mandescr_originate);
ast_manager_register2("Command", EVENT_FLAG_COMMAND, action_command, "Execute Asterisk CLI Command", mandescr_command );
ast_manager_register2("ExtensionState", EVENT_FLAG_CALL | EVENT_FLAG_REPORTING, action_extensionstate, "Check Extension Status", mandescr_extensionstate );
ast_manager_register2("AbsoluteTimeout", EVENT_FLAG_SYSTEM | EVENT_FLAG_CALL, action_timeout, "Set Absolute Timeout", mandescr_timeout );
More information about the asterisk-commits
mailing list