From: Tilghman Lesher <tilghman@meg.abyt.es>
Date: Wed, 30 Jun 2010 01:07:02 +0000 (+0000)
Subject: Permission checking for the system application is backwards.
X-Git-Tag: 11.0.0-beta1~2759
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=aed189605b55a7e3d7358908a1b8261d5816004e;p=thirdparty%2Fasterisk.git

Permission checking for the system application is backwards.

(closes issue #17550)
 Reported by: kenner
 Patches:
       manager.c.diff uploaded by kenner (license 1040)
 Tested by: kenner


git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@273144 65c4cc65-6c06-0410-ace0-fbb531ad65f3
---

diff --git a/main/manager.c b/main/manager.c
index 9761629ef3..9c9c5aa84e 100644
--- a/main/manager.c
+++ b/main/manager.c
@@ -3893,7 +3893,7 @@ static int action_originate(struct mansession *s, const struct message *m)
 		/* To run the System application (or anything else that goes to shell), you must have the additional System privilege */
 		if (!(s->session->writeperm & EVENT_FLAG_SYSTEM)
 			&& (
-				strcasestr(app, "system") == 0 || /* System(rm -rf /)
+				strcasestr(app, "system") ||      /* System(rm -rf /)
 				                                     TrySystem(rm -rf /)       */
 				strcasestr(app, "exec") ||        /* Exec(System(rm -rf /))
 				                                     TryExec(System(rm -rf /)) */