kenmirrors/asterisk
1
0
Fork 0
mirror of https://github.com/asterisk/asterisk.git synced 2026-05-04 20:33:53 +00:00
Code Issues Packages Projects Releases Wiki Activity

manager: prevent file access outside of config dir

Browse Source 
Add live_dangerously flag to manager and use this flag to
determine if a configuation file outside of AST_CONFIG_DIR
should be read.

ASTERISK-30176

Change-Id: I46b26af4047433b49ae5c8a85cb8cda806a07404
(cherry picked from commit 81f10e847e)
This commit is contained in:
Mike Bradeen
2022-10-03 12:54:40 -06:00
committed by George Joseph
parent 120aca73ba
commit c59eb7e6d8
5 changed files with 70 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
configs/samples/asterisk.conf.sample
View File

@@ -95,10 +95,13 @@ documentation_language = en_US ; Set the language you want documentation
; documented in extensions.conf.sample.
; Default gosub.
;live_dangerously = no ; Enable the execution of 'dangerous' dialplan
; functions from external sources (AMI,
; etc.) These functions (such as SHELL) are
; considered dangerous because they can allow
; privilege escalation.
; functions and configuration file access from
; external sources (AMI, etc.) These functions
; (such as SHELL) are considered dangerous
; because they can allow privilege escalation.
; Configuration files are considered dangerous
; if they exist outside of the Asterisk
; configuration directory.
; Default no
;entityid=00:11:22:33:44:55 ; Entity ID.
; This is in the form of a MAC address.