From af75e45da13d1cead68c110eb122080018a9996f Mon Sep 17 00:00:00 2001
From: Jonathan Rose <jrose@digium.com>
Date: Thu, 4 Sep 2014 22:05:41 +0000
Subject: Manager: Require read permission for SYSTEM in order to send
 FullyBooted

Review: https://reviewboard.asterisk.org/r/3969/
........

Merged revisions 422584 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........

Merged revisions 422625 from http://svn.asterisk.org/svn/asterisk/branches/11
........

Merged revisions 422626 from http://svn.asterisk.org/svn/asterisk/branches/12
........

Merged revisions 422631 from http://svn.asterisk.org/svn/asterisk/branches/13


git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@422632 65c4cc65-6c06-0410-ace0-fbb531ad65f3
---
 main/manager.c | 1 +
 1 file changed, 1 insertion(+)

(limited to 'main/manager.c')

diff --git a/main/manager.c b/main/manager.c
index 5303f18d9..6545a519e 100644
--- a/main/manager.c
+++ b/main/manager.c
@@ -3705,6 +3705,7 @@ static int action_login(struct mansession *s, const struct message *m)
 	}
 	astman_send_ack(s, m, "Authentication accepted");
 	if ((s->session->send_events & EVENT_FLAG_SYSTEM)
+		&& (s->session->readperm & EVENT_FLAG_SYSTEM)
 		&& ast_test_flag(&ast_options, AST_OPT_FLAG_FULLY_BOOTED)) {
 		struct ast_str *auth = ast_str_alloca(80);
 		const char *cat_str = authority_to_str(EVENT_FLAG_SYSTEM, &auth);
-- 
cgit v1.2.3