No subject

Fri Sep 2 03:59:05 CDT 2011

le.  Many channels would not ever need or care about a generic 'system =
call return value' variable, and I would hate to have it always around =
with a channel.  Or worse, have it around when the system call returns, but=
 not have it be present on a channel otherwise - those types of things are =
rarely documented well, and people would have to know when the variable exi=
sts and when it doesn't.

What's more, the system call may not even be 'channel specific'=
, that is, it may not change or affect the state of the channel.  The scrip=
t could print out "Hello world!" - so associating its return valu=
e with a channel seems to imply a dependency that does not necessarily exis=

Tilghman's suggestion of tying the return code of the script directly w=
ith the item that executed the script makes sense: we simply return the ret=
urn code of the thing that was executed.</pre>


<pre style=3D"white-space: pre-wrap; white-space: -moz-pre-wrap; white-spac=
e: -pre-wrap; white-space: -o-pre-wrap; word-wrap: break-word;">Ah, alright=
 then.  Sorry for misinterpreting.

I&#39;m just going to go ahead and mention that if another function for inv=
oking system commands is added (like func_system), manager will need to be =
updated to check manager users for SYSTEM write access where app_system and=
 func_shell are currently checked. It&#39;d be a fairly trivial change, but=
 not doing it could lead to a security vulnerability.</pre>
<br />

<p>- jrose</p>

<br />
<p>On June 4th, 2012, 9:23 a.m., Denis Martinez wrote:</p>

<table bgcolor=3D"#fefadf" width=3D"100%" cellspacing=3D"0" cellpadding=3D"=
8" style=3D"background-image: url('
b/images/review_request_box_top_bg.png'); background-position: left top; ba=
ckground-repeat: repeat-x; border: 1px black solid;">

<div>Review request for Asterisk Developers.</div>
<div>By Denis Martinez.</div>

<p style=3D"color: grey;"><i>Updated June 4, 2012, 9:23 a.m.</i></p>

<h1 style=3D"color: #575012; font-size: 10pt; margin-top: 1.5em;">Descripti=
on </h1>
<table width=3D"100%" bgcolor=3D"#ffffff" cellspacing=3D"0" cellpadding=3D"=
10" style=3D"border: 1px solid #b8b5a0">
   <pre style=3D"margin: 0; padding: 0; white-space: pre-wrap; white-space:=
 -moz-pre-wrap; white-space: -pre-wrap; white-space: -o-pre-wrap; word-wrap=
: break-word;">I created a patch that improves the app_system behavior.  Th=
e patch should make this application to check if a command failed to execut=
e due to permission denied.</pre>

<div style=3D"margin-top: 1.5em;">
 <b style=3D"color: #575012; font-size: 10pt; margin-top: 1.5em;">Bugs: </b>

 <a href=3D"">ASTERIS=


<h1 style=3D"color: #575012; font-size: 10pt; margin-top: 1.5em;">Diffs</b>=
<ul style=3D"margin-left: 3em; padding-left: 0;">

 <li>/trunk/apps/app_system.c <span style=3D"color: grey">(368031)</span></=


<p><a href=3D"" style=3D"margi=
n-left: 3em;">View Diff</a></p>




More information about the asterisk-dev mailing list