Asterisk
/
asterisk
mirror of https://github.com/asterisk/asterisk
1
0
Fork 0
Code Issues Releases Wiki Activity

AST-2014-017 - app_confbridge: permission escalation/ class authorization.

Browse Source 
Confbridge dialplan function permission escalation via AMI and inappropriate
class authorization on the ConfbridgeStartRecord action. The CONFBRIDGE dialplan
function when executed from an external protocol (for instance AMI), could
result in a privilege escalation. Also, the AMI action “ConfbridgeStartRecord”
could also be used to execute arbitrary system commands without first checking
for system access.

Asterisk now inhibits the CONFBRIDGE function from being executed from an
external interface if the live_dangerously option is set to no.  Also, the
“ConfbridgeStartRecord” AMI action is now only allowed to execute under a
user with system level access.

ASTERISK-24490
Reported by: Gareth Palmer


git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@428332 65c4cc65-6c06-0410-ace0-fbb531ad65f3
changes/61/61/1
Kevin Harwell 11 years ago
parent ce20eaa076
commit 060ced4b54
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File

4
apps/app_confbridge.c
Unescape View File

@ -3189,7 +3189,7 @@ static int load_module(void)
ast_log(LOG_ERROR, "Unable to load config. Not loading module.\n");
return AST_MODULE_LOAD_DECLINE;
}
if ((ast_custom_function_register(&confbridge_function))) {
if ((ast_custom_function_register_escalating(&confbridge_function, AST_CFE_WRITE))) {
return AST_MODULE_LOAD_FAILURE;
}
if ((ast_custom_function_register(&confbridge_info_function))) {
@ -3220,7 +3220,7 @@ static int load_module(void)
res |= ast_manager_register_xml("ConfbridgeKick", EVENT_FLAG_CALL, action_confbridgekick);
res |= ast_manager_register_xml("ConfbridgeUnlock", EVENT_FLAG_CALL, action_confbridgeunlock);
res |= ast_manager_register_xml("ConfbridgeLock", EVENT_FLAG_CALL, action_confbridgelock);
res |= ast_manager_register_xml("ConfbridgeStartRecord", EVENT_FLAG_CALL, action_confbridgestartrecord);
res |= ast_manager_register_xml("ConfbridgeStartRecord", EVENT_FLAG_SYSTEM, action_confbridgestartrecord);
res |= ast_manager_register_xml("ConfbridgeStopRecord", EVENT_FLAG_CALL, action_confbridgestoprecord);
res |= ast_manager_register_xml("ConfbridgeSetSingleVideoSrc", EVENT_FLAG_CALL, action_confbridgesetsinglevideosrc);
if (res) {

Write Preview
Loading…
Cancel
Save