Ticket #5478 (new Bugs)

Opened 1 year ago

Last modified 1 year ago

add FREEPBX_IS_AUTH to most files where not already

Reported by: p_lindheimer Assigned to:
Priority: minor Milestone: 2.11
Component: FreePBX Framework Version: 2.10-branch
Keywords: Cc:
Confirmation: Unreviewed Distro:
Backend Engine: All Distro Ver:
Backend Ver: SVN Revision (if applicable):

Description

this is used to add another level of security in the event that a file is left accessible through apache and there is something volatile that could be executed in the file. It requires that bootsrap has been run and thus authentication or stops.

Change History

12/17/11 15:53:16 changed by p_lindheimer

(In [13089]) fixes #5479 to use file handler also re #5478

02/20/12 15:28:30 changed by p_lindheimer

  • milestone changed from 2.10 to 2.11.

diverting to next release since the remaining files should not anyhow be vulnerable and we don't want break systems this late in the release.

(follow-up: ↓ 4 ) 03/10/12 12:23:07 changed by losbravos

We can add and delete numbers in the blacklist (via feature codes and blacklist module), but calls are not effected, as if there is no blacklist at all. We are running latest version of FreePBX (2.10) with all modules updated.

(in reply to: ↑ 3 ) 03/10/12 12:38:58 changed by losbravos

Replying to losbravos:

We can add and delete numbers in the blacklist (via feature codes and blacklist module), but calls are not effected, as if there is no blacklist at all. We are running latest version of FreePBX (2.10) with all modules updated.

It is working. Sorry. Needed to insert +.