Changed the default for live_dangerously to no

git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/12@404006 65c4cc65-6c06-0410-ace0-fbb531ad65f3

diff --git a/configs/asterisk.conf.sample b/configs/asterisk.conf.sample
index f7cda268f323402738fce7395081680a6456af72..985c80c289b6202fac438cf82b1e823a0ec000a1 100644 (file)
--- a/configs/asterisk.conf.sample
+++ b/configs/asterisk.conf.sample
@@ -88,7 +88,7 @@ documentation_language = en_US        ; Set the language you want documentation
                                ; etc.) These functions (such as SHELL) are
                                ; considered dangerous because they can allow
                                ; privilege escalation.
-                               ; Default yes, for backward compatability.
+                               ; Default no
 
 ; Changing the following lines may compromise your security.
 ;[files]

diff --git a/main/asterisk.c b/main/asterisk.c
index 24aa2ccf9c7e571e7d1de479bdfc015a0d658644..92539748e8f19e5a06f339421a55d47c2ce9c310 100644 (file)
--- a/main/asterisk.c
+++ b/main/asterisk.c
@@ -3333,8 +3333,8 @@ static void ast_readconfig(void)
                unsigned int dbdir:1;
                unsigned int keydir:1;
        } found = { 0, 0 };
-       /* Default to true for backward compatibility */
-       int live_dangerously = 1;
+       /* Default to false for security */
+       int live_dangerously = 0;
 
        /* Set default value */
        option_dtmfminduration = AST_MIN_DTMF_DURATION;