diff options
author | David M. Lee <dlee@digium.com> | 2013-12-16 19:11:51 +0000 |
---|---|---|
committer | David M. Lee <dlee@digium.com> | 2013-12-16 19:11:51 +0000 |
commit | 744556c01d6e28d4ae46c347f77edfb71778d924 (patch) | |
tree | bc90f83b4ec9ef0eafb3d952076bf9ea24406366 /funcs/func_env.c | |
parent | 00dcee2a640394ac0aae294396d96985c6c1aba1 (diff) |
security: Inhibit execution of privilege escalating functions
This patch allows individual dialplan functions to be marked as
'dangerous', to inhibit their execution from external sources.
A 'dangerous' function is one which results in a privilege escalation.
For example, if one were to read the channel variable SHELL(rm -rf /)
Bad Things(TM) could happen; even if the external source has only read
permissions.
Execution from external sources may be enabled by setting
'live_dangerously' to 'yes' in the [options] section of asterisk.conf.
Although doing so is not recommended.
Also, the ABI was changed to something more reasonable, since Asterisk
12 does not yet have a public release.
(closes issue ASTERISK-22905)
Review: http://reviewboard.digium.internal/r/432/
........
Merged revisions 403913 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 403917 from http://svn.asterisk.org/svn/asterisk/branches/11
........
Merged revisions 403959 from http://svn.asterisk.org/svn/asterisk/branches/12
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@403960 65c4cc65-6c06-0410-ace0-fbb531ad65f3
Diffstat (limited to 'funcs/func_env.c')
-rw-r--r-- | funcs/func_env.c | 28 |
1 files changed, 24 insertions, 4 deletions
diff --git a/funcs/func_env.c b/funcs/func_env.c index f413607e0..a2f7c2bd2 100644 --- a/funcs/func_env.c +++ b/funcs/func_env.c @@ -71,6 +71,11 @@ ASTERISK_FILE_VERSION(__FILE__, "$Revision$") <parameter name="filename" required="true" /> </syntax> <description> + <note> + <para>If <literal>live_dangerously</literal> in <literal>asterisk.conf</literal> + is set to <literal>no</literal>, this function can only be executed from the + dialplan, and not directly from external protocols.</para> + </note> </description> </function> <function name="FILE" language="en_US"> @@ -167,6 +172,11 @@ ASTERISK_FILE_VERSION(__FILE__, "$Revision$") <para> Set(FILE(/tmp/foo.txt,-1,,l)=bar)</para> <para> ; Append "bar" to the file with a newline</para> <para> Set(FILE(/tmp/foo.txt,,,al)=bar)</para> + <note> + <para>If <literal>live_dangerously</literal> in <literal>asterisk.conf</literal> + is set to <literal>no</literal>, this function can only be executed from the + dialplan, and not directly from external protocols.</para> + </note> </description> <see-also> <ref type="function">FILE_COUNT_LINE</ref> @@ -197,6 +207,11 @@ ASTERISK_FILE_VERSION(__FILE__, "$Revision$") </syntax> <description> <para>Returns the number of lines, or <literal>-1</literal> on error.</para> + <note> + <para>If <literal>live_dangerously</literal> in <literal>asterisk.conf</literal> + is set to <literal>no</literal>, this function can only be executed from the + dialplan, and not directly from external protocols.</para> + </note> </description> <see-also> <ref type="function">FILE</ref> @@ -216,6 +231,11 @@ ASTERISK_FILE_VERSION(__FILE__, "$Revision$") <para>'d' - DOS "\r\n" format</para> <para>'m' - Macintosh "\r" format</para> <para>'x' - Cannot be determined</para> + <note> + <para>If <literal>live_dangerously</literal> in <literal>asterisk.conf</literal> + is set to <literal>no</literal>, this function can only be executed from the + dialplan, and not directly from external protocols.</para> + </note> </description> <see-also> <ref type="function">FILE</ref> @@ -1259,10 +1279,10 @@ static int load_module(void) int res = 0; res |= ast_custom_function_register(&env_function); - res |= ast_custom_function_register(&stat_function); - res |= ast_custom_function_register(&file_function); - res |= ast_custom_function_register(&file_count_line_function); - res |= ast_custom_function_register(&file_format_function); + res |= ast_custom_function_register_escalating(&stat_function, AST_CFE_READ); + res |= ast_custom_function_register_escalating(&file_function, AST_CFE_BOTH); + res |= ast_custom_function_register_escalating(&file_count_line_function, AST_CFE_READ); + res |= ast_custom_function_register_escalating(&file_format_function, AST_CFE_READ); return res; } |