manager.c: Prevent the Originate action from running the Originate app
If an AMI user without the "system" authorization calls the
Originate AMI command with the Originate application,
the second Originate could run the "System" command.
Action: Originate
Channel: Local/1111
Application: Originate
Data: Local/2222,app,System,touch /tmp/owned
If the "system" authorization isn't set, we now block the
Originate app as well as the System, Exec, etc. apps.
ASTERISK-28580
Reported by: Eliel SardaƱons
Change-Id: Ic4c9dedc34c426f03c8c14fce334a71386d8a5fa
(cherry picked from commit
1b9281a5ded62e5d30af2959e5aa33bc5a0fc285)
projects / thirdparty / asterisk.git / commit
