From b338c772babe21532f1a60073a01199438983dbc Mon Sep 17 00:00:00 2001 From: Jonathan Rose Date: Thu, 12 Jun 2014 15:26:23 +0000 Subject: [PATCH] MixMontior: Add class authorization requirements to MixMonitor AMI commands MixMonitor AMI commands StartMixMonitor and StopMixMonitor lacked class authorization. StopMixMonitor now requires that the manager user either have the call or system class authorization. StartMixMonitor is a slightly larger issue since it can execute shell commands if the right arguments are passed into it, and we consider this a permission escalation. A security release will be issued for problem this shortly. ASTERISK-23609 #close Reported by: Corey Farrell ........ Merged revisions 415825 from http://svn.asterisk.org/svn/asterisk/branches/11 git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/12@415832 65c4cc65-6c06-0410-ace0-fbb531ad65f3 --- UPGRADE.txt | 6 ++++++ apps/app_mixmonitor.c | 6 +++--- 2 files changed, 9 insertions(+), 3 deletions(-) diff --git a/UPGRADE.txt b/UPGRADE.txt index fd8a516d11..d57dc0a844 100644 --- a/UPGRADE.txt +++ b/UPGRADE.txt @@ -28,12 +28,18 @@ From 12.3.0 to 12.4.0: safe_asterisk script is customized, be sure to keep your changes. Custom values for variables should be created in *.sh file(s) inside ASTETCDIR/startup.d/. See ASTERISK-21965. + - Changed a log message in safe_asterisk and the $NOTIFY mail subject. If you use tools to parse either of them, update your parse functions accordingly. The changed strings are: - "Exited on signal $EXITSIGNAL" => "Asterisk exited on signal $EXITSIGNAL." - "Asterisk Died" => "Asterisk on $MACHINE died (sig $EXITSIGNAL)" + - MixMonitor AMI actions now require users to have authorization classes. + * MixMonitor - system + * MixMonitorMute - call or system + * StopMixMonitor - call or system + From 12.2.0 to 12.3.0: - The asterisk command line -I option and the asterisk.conf internal_timing 
diff --git a/apps/app_mixmonitor.c b/apps/app_mixmonitor.c
index 098a632e38..c9e0930181 100644
--- a/apps/app_mixmonitor.c
+++ b/apps/app_mixmonitor.c
@@ -1415,9 +1415,9 @@ static int load_module(void)
 ast_cli_register_multiple(cli_mixmonitor, ARRAY_LEN(cli_mixmonitor));
 res = ast_register_application_xml(app, mixmonitor_exec);
 res |= ast_register_application_xml(stop_app, stop_mixmonitor_exec);
- res |= ast_manager_register_xml("MixMonitorMute", 0, manager_mute_mixmonitor);
- res |= ast_manager_register_xml("MixMonitor", 0, manager_mixmonitor);
- res |= ast_manager_register_xml("StopMixMonitor", 0, manager_stop_mixmonitor);
+ res |= ast_manager_register_xml("MixMonitorMute", EVENT_FLAG_SYSTEM | EVENT_FLAG_CALL, manager_mute_mixmonitor);
+ res |= ast_manager_register_xml("MixMonitor", EVENT_FLAG_SYSTEM, manager_mixmonitor);
+ res |= ast_manager_register_xml("StopMixMonitor", EVENT_FLAG_SYSTEM | EVENT_FLAG_CALL, manager_stop_mixmonitor);
 res |= set_mixmonitor_methods();
 return res;
-- 
2.47.2
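Review bot: The `EVENT_FLAG_SYSTEM`-only mask on the `MixMonitor` registration, unlike the `EVENT_FLAG_SYSTEM | EVENT_FLAG_CALL` mask on its two siblings, carries no comment saying why, so a later "consistency" cleanup could widen it to call-class users and silently reintroduce the escalation the commit message describes (the action's arguments can cause a shell command to run). I would put a comment directly above that line: `/* MixMonitor can run a shell command via its arguments; keep it SYSTEM-only (no EVENT_FLAG_CALL) so call-class manager users cannot reach it (ASTERISK-23609). */`. Combining the two flags with `|` presumably grants the action to a user holding either class, assuming the manager core tests the mask with `writeperm & authority` as elsewhere in Asterisk; that matches the commit text's "call or system", but it is worth confirming the intent is "either" rather than "both" before release. load_module begins before this hunk and its closing brace lies after it.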