[asterisk-users] AGI fails bad permission
Steve Edwards
asterisk.org at sedwards.com
Fri Feb 23 17:59:41 CST 2018
On Fri, 23 Feb 2018, Saint Michael wrote:
> Launched AGI Script /var/lib/asterisk/agi-bin/adddnc.php
> adddnc.php: Failed to execute '/var/lib/asterisk/agi-bin/adddnc.php': Permission denied
> The file is of course chmod +x /var/lib/asterisk/agi-bin/*.php
This is how a sysadmin opened up a web server to compromise a decade or 2
ago. The CGI directory contained some flawed SGI CGIs that had been
disabled by fiddling with the permissions.
More information may yield a clue.
1) ps -aef | grep asterisk | grep --invert-match grep
2) sudo grep 'astagidir' /etc/asterisk/asterisk.conf
3) grep adddnc /etc/asterisk/extensions.{ael,conf}
4) head --lines=1 /var/lib/asterisk/agi-bin/adddnc.php
5) ls -l $(head --lines=1 /var/lib/asterisk/agi-bin/adddnc.php\
| awk '{print substr($1, 3, 255)}')
6) sudo /usr/bin/php (or wherever you keep php) \
/var/lib/asterisk/agi-bin/adddnc.php </dev/null
7) Check the 'r' and 'x' bits on /var/, /var/lib/, /var/lib/asterisk/,
/var/lib/asterisk/agi-bin/.
8) cat /var/lib/asterisk/agi-bin/adddnc.php
--
Thanks in advance,
-------------------------------------------------------------------------
Steve Edwards sedwards at sedwards.com Voice: +1-760-468-3867 PST
https://www.linkedin.com/in/steve-edwards-4244281
More information about the asterisk-users
mailing list