MixMonitor: Add class authorization requirements to MixMonitor AMI commands

MixMonitor AMI commands StartMixMonitor and StopMixMonitor lacked class
authorization. StopMixMonitor now requires that the manager user either have
the call or system class authorization. StartMixMonitor is a slightly larger
issue since it can execute shell commands if the right arguments are passed
into it, and we consider this a permission escalation. A security release
will be issued for problem this shortly.

ASTERISK-23609 #close
Reported by: Corey Farrell

git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@415825 65c4cc65-6c06-0410-ace0-fbb531ad65f3

diff --git a/UPGRADE.txt b/UPGRADE.txt
index 696d4c2a8dc9711144bccc75ecd3b3990323226e..2e371e0a6dd92334a37a3142a98822f070fa3260 100644 (file)
--- a/UPGRADE.txt
+++ b/UPGRADE.txt
@@ -24,6 +24,11 @@ from 11.9 to 11.10
  - The asterisk command line -I option and the asterisk.conf internal_timing
    option are removed and always enabled if any timing module is loaded.
 
+ - MixMonitor AMI actions now require users to have authorization classes.
+   * MixMonitor - system
+   * MixMonitorMute - call or system
+   * StopMixMonitor - call or system
+
  - Added a new Compiler Flag, REF_DEBUG. When enabled, reference counted
    objects will emit additional debug information to the refs log file located
    in the standard Asterisk log file directory. This log file is useful in

diff --git a/apps/app_mixmonitor.c b/apps/app_mixmonitor.c
index 6333fd572c8f6467267de0d5466780b7c9bc4117..235b3d17c59c7af57c46a39e7794768658557da3 100644 (file)
--- a/apps/app_mixmonitor.c
+++ b/apps/app_mixmonitor.c
@@ -1376,9 +1376,9 @@ static int load_module(void)
        ast_cli_register_multiple(cli_mixmonitor, ARRAY_LEN(cli_mixmonitor));
        res = ast_register_application_xml(app, mixmonitor_exec);
        res |= ast_register_application_xml(stop_app, stop_mixmonitor_exec);
-       res |= ast_manager_register_xml("MixMonitorMute", 0, manager_mute_mixmonitor);
-       res |= ast_manager_register_xml("MixMonitor", 0, manager_mixmonitor);
-       res |= ast_manager_register_xml("StopMixMonitor", 0, manager_stop_mixmonitor);
+       res |= ast_manager_register_xml("MixMonitorMute", EVENT_FLAG_SYSTEM | EVENT_FLAG_CALL, manager_mute_mixmonitor);
+       res |= ast_manager_register_xml("MixMonitor", EVENT_FLAG_SYSTEM, manager_mixmonitor);
+       res |= ast_manager_register_xml("StopMixMonitor", EVENT_FLAG_SYSTEM | EVENT_FLAG_CALL, manager_stop_mixmonitor);
 
        return res;
 }