kenmirrors/asterisk
1
0
Fork 0
mirror of https://github.com/asterisk/asterisk.git synced 2025-10-01 18:09:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

asterisk.c: Add option to restrict shell access from remote consoles.

Browse Source 
UserNote: A new asterisk.conf option 'disable_remote_console_shell' has
been added that, when set, will prevent remote consoles from executing
shell commands using the '!' prefix.

Resolves: #GHSA-c7p6-7mvq-8jq2
This commit is contained in:
George Joseph
2025-05-19 08:16:53 -06:00
committed by George Joseph
parent 3d117fbb39
commit 9bcdef2684
5 changed files with 20 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
main/options.c
View File

@@ -87,7 +87,7 @@ long option_minmemfree;
#endif
int ast_option_rtpusedynamic = 1;
unsigned int ast_option_rtpptdynamic = 35;
int ast_option_disable_remote_console_shell = 0;
/*! @} */
struct ast_eid ast_eid_default;
@@ -223,6 +223,7 @@ void load_asterisk_conf(void)
int option_trace_new = 0;
int option_verbose_new = 0;
/* init with buildtime config */
#ifdef REF_DEBUG
/* The REF_DEBUG compiler flag is now only used to enable refdebug by default.
@@ -474,6 +475,8 @@ void load_asterisk_conf(void)
ast_set2_flag(&ast_options, ast_true(v->value), AST_OPT_FLAG_HIDE_MESSAGING_AMI_EVENTS);
} else if (!strcasecmp(v->name, "sounds_search_custom_dir")) {
ast_set2_flag(&ast_options, ast_true(v->value), AST_OPT_FLAG_SOUNDS_SEARCH_CUSTOM);
} else if (!strcasecmp(v->name, "disable_remote_console_shell")) {
ast_option_disable_remote_console_shell = ast_true(v->value);
}
}
if (!ast_opt_remote) {