[asterisk-users] Function SHELL not registered

Matthew Jordan mjordan at digium.com
Wed Jul 6 08:56:22 CDT 2016


On Wed, Jul 6, 2016 at 4:05 AM, Michael Jepson <Michael.Jepson at cm.nl> wrote:
> Adding live_dangerously did the trick. Thanks! But how dangerous is Asterisk
> living now ?

From README-SERIOUSLY.bestpractices.txt:

===========================
Avoid Privilege Escalations
===========================

External control protocols, such as Manager, often have the ability to get and
set channel variables; which allows the execution of dialplan functions.

Dialplan functions within Asterisk are incredibly powerful, which is wonderful
for building applications using Asterisk. But during the read or write
execution, certain dialplan functions do much more. For example, reading the
SHELL() function can execute arbitrary commands on the system Asterisk is
running on. Writing to the FILE() function can change any file that Asterisk has
write access to.

When these functions are executed from an external protocol, that execution
could result in a privilege escalation. Asterisk can inhibit the execution of
these functions, if live_dangerously in the [options] section of asterisk.conf
is set to no.

In Asterisk 12 and later, live_dangerously defaults to no.


When setting 'live_dangerously' to yes, you are taking responsibility
for preventing permission escalation for those dialplan functions that
can alter the underlying system. In addition to running Asterisk as a
non-root user - which is always a good idea - your external
applications should be sanitizing data passed through to said dialplan
functions, and should implement their own stringent access control.

Matt

-- 
Matthew Jordan
Digium, Inc. | CTO
445 Jan Davis Drive NW - Huntsville, AL 35806 - USA
Check us out at: http://digium.com & http://asterisk.org
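The setting discussed in the thread is one line in asterisk.conf, so the quickest defensive check is to read the deployed file and report the effective value. The script below is an added example, not part of the mailing-list post or of the Asterisk project. It uses a small hand-written reader for the Asterisk key = value / key => value syntax (the stock configparser chokes on "=>" and on "[section](!)" template headers), applies the version default quoted from the README (no for Asterisk 12 and later), and flags a permissive setting. The two config texts are constructed samples; the helper names are this example's own.

```python
"""Audit an asterisk.conf [options] section for live_dangerously.

Added example (not from the original post or from Asterisk itself).
live_dangerously=yes lets external control protocols such as the Manager
interface reach SHELL() and FILE() through channel-variable get/set, which
is the privilege escalation the quoted README warns about.
"""

TRUE_WORDS = {"yes", "true", "y", "t", "on", "1"}  # Asterisk-style booleans


def parse_asterisk_conf(text):
    """Return {section: {key: value}} for Asterisk's config dialect."""
    sections = {}
    current = None
    for raw in text.splitlines():
        line = raw.split(";", 1)[0].strip()  # ';' starts a comment
        if not line:
            continue
        if line.startswith("[") and "]" in line:
            # "[options]" or template form "[directories](!)"
            current = line[1 : line.index("]")].strip().lower()
            sections.setdefault(current, {})
            continue
        if current is None:
            continue
        # both "key = value" and "key => value" are accepted by Asterisk
        sep = "=>" if "=>" in line else "="
        key, found, value = line.partition(sep)
        if not found:
            continue
        sections[current][key.strip().lower()] = value.strip()
    return sections


def live_dangerously_effective(conf_text, asterisk_major=13):
    """True if SHELL()/FILE() are reachable from Manager with this config.

    An absent key falls back to the release default: no for Asterisk 12
    and later (as the README quoted above states), yes for older releases.
    """
    options = parse_asterisk_conf(conf_text).get("options", {})
    value = options.get("live_dangerously")
    if value is None:
        return asterisk_major < 12
    return value.lower() in TRUE_WORDS


def audit(conf_text, asterisk_major=13):
    """Return a short list of findings for an operator."""
    findings = []
    if live_dangerously_effective(conf_text, asterisk_major):
        findings.append(
            "live_dangerously is effectively yes: Manager Getvar/Setvar can "
            "invoke SHELL() and write FILE(); set live_dangerously = no in "
            "[options] unless external callers are tightly access-controlled"
        )
    return findings


# Constructed sample configs (not from any real deployment).
PERMISSIVE_CONF = """\
[directories](!)
astetcdir => /etc/asterisk

[options]
verbose = 3
live_dangerously = yes   ; added to make SHELL() work from AMI
"""

HARDENED_CONF = """\
[options]
verbose = 3
live_dangerously = no
"""

if __name__ == "__main__":
    for name, conf in (("permissive", PERMISSIVE_CONF), ("hardened", HARDENED_CONF)):
        print(name, "->", audit(conf) or ["ok"])
```

Point `audit()` at the contents of the real /etc/asterisk/asterisk.conf and pass the deployed major version; a missing key on Asterisk 11 or earlier is reported as permissive, which matches the README's statement that the safe default only arrived in Asterisk 12.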
