[asterisk-commits] mnicholson: branch 1.4 r315147 - /branches/1.4/main/manager.c
SVN commits to the Asterisk project
asterisk-commits at lists.digium.com
Mon Apr 25 11:14:24 CDT 2011
Author: mnicholson
Date: Mon Apr 25 11:14:21 2011
New Revision: 315147
URL: http://svnview.digium.com/svn/asterisk?view=rev&rev=315147
Log:
Reverted part of r314607, as it can introduce a regression.
Specifically, the security check for the "system" privilege was reverted.
Modified:
branches/1.4/main/manager.c
Modified: branches/1.4/main/manager.c
URL: http://svnview.digium.com/svn/asterisk/branches/1.4/main/manager.c?view=diff&rev=315147&r1=315146&r2=315147
==============================================================================
--- branches/1.4/main/manager.c (original)
+++ branches/1.4/main/manager.c Mon Apr 25 11:14:21 2011
@@ -2017,24 +2017,6 @@
format = 0;
ast_parse_allow_disallow(NULL, &format, codecs, 1);
}
- if (!ast_strlen_zero(app)) {
- /* To run the System application (or anything else that goes to
- * shell), you must have the additional System privilege */
- if (!(s->session->writeperm & EVENT_FLAG_SYSTEM)
- && (
- strcasestr(app, "system") == 0 || /* System(rm -rf /)
- TrySystem(rm -rf /) */
- strcasestr(app, "exec") || /* Exec(System(rm -rf /))
- TryExec(System(rm -rf /)) */
- strcasestr(app, "agi") || /* AGI(/bin/rm,-rf /)
- EAGI(/bin/rm,-rf /) */
- strstr(appdata, "SHELL") || /* NoOp(${SHELL(rm -rf /)}) */
- strstr(appdata, "EVAL") /* NoOp(${EVAL(${some_var_containing_SHELL})}) */
- )) {
- astman_send_error(s, m, "Originate with certain 'Application' arguments requires the additional System privilege, which you do not have.");
- return 0;
- }
- }
/* Allocate requested channel variables */
vars = astman_get_variables(m);
More information about the asterisk-commits
mailing list