[asterisk-dev] [Code Review] 3101: rasterisk needlessly prints the AST-2013-007 warning

Sean Darcy seandarcy2 at gmail.com
Sun Jan 5 13:34:35 CST 2014


On 01/03/2014 02:23 PM, Paul Belanger wrote:
> This is an automatically generated e-mail. To reply, visit:
> https://reviewboard.asterisk.org/r/3101/
>
>
> Ship it!
>
> Ship It!
>
>
> - Paul Belanger
>
>
> On January 3rd, 2014, 7:14 p.m. UTC, Tzafrir Cohen wrote:
>
> Review request for Asterisk Developers.
> By Tzafrir Cohen.
>
> /Updated Jan. 3, 2014, 7:14 p.m./
>
> *Bugs: * ASTERISK-23084
> <https://issues.asterisk.org/jira/browse/ASTERISK-23084>
> *Repository: * Asterisk
>
>
>   Description
>
> Even since the fixes of AST-2013-007, Asterisk prints the following warning on startup if the user decided to live dangerously:
>
> Privilege escalation protection disabled!
> See https://wiki.asterisk.org/wiki/x/1gKfAQ for more details.
>
> I believe that this warning is intended to be one-time and thus makes no sense when asterisk is run as a remote terminal. It certainly makes no sense when Asterisk is run to issue a remote command (asterisk -rx). This patch disables the warning on those two cases.
>
>
>   Testing
>
> Checked with asterisk 11
>
>
>   Diffs
>
>   * /branches/1.8/main/asterisk.c (404783)
>
> View Diff <https://reviewboard.asterisk.org/r/3101/diff/>
>
>

I agree on asterisk -rx, but as someone who just recently stopped living 
dangerously I suggest you keep it for a remote login.

I never see asterisk start up. It's part of the systemd process. I would 
only see it on a remote login. And only after saw it for some number of 
times, did I actually get motivated. I may not be alone in needing 
prodding to fix things, especially where it's not the problem I'm 
immediately trying to fix.

It's only one line. There's a lot of lower hanging fruit spamming the 
log file.

sean

sean




More information about the asterisk-dev mailing list