[asterisk-commits] r315147 - svn:log
SVN commits to the Asterisk project
asterisk-commits at lists.digium.com
Mon Apr 25 11:44:40 CDT 2011
Author: mnicholson
Revision: 315147
Modified property: svn:log
Modified: svn:log at Mon Apr 25 11:44:40 2011
------------------------------------------------------------------------------
--- svn:log (original)
+++ svn:log Mon Apr 25 11:44:40 2011
@@ -1,1 +1,8 @@
-.
+Reverted part of r314607, as it can introduce a regression.
+
+Specifically, the security check for the "system" privilege was removed. If a user had the "call" privilege but not the "system" privilege, they would loose the ability to execute the system app and dialplan functions that run commands in a shell. This branch never used the "system" privilege for that purpose and did not need to be patched.
+
+AST-2011-006
+
+(related to issue 0018787)
+Reported by: kobaz
More information about the asterisk-commits
mailing list