mirror of
https://git.jami.net/savoirfairelinux/jami-daemon.git
synced 2025-08-12 22:09:25 +08:00
569d44b5f6
This feature is mostly a relicate from SFLPhone and introduced a remote attack vector abusing the system() function weaknesses. Provided that "sipEnabled" parameter is on in the remote target's configuration, a malicious peer calling that remote target could send SIP messages with a crafted "X-ring-url" string in order to execute arbitrary shell commands on the target. Header entry "X-ring-url" content is actually consumed by UrlHook as arguments for the "x-www-browser" command executed using system(). By adding a shell escape sequence to circumvent existing arguments sanitizing attempts, the malicious peer could execute any shell command under remote peer user's identity and access sensitive information available using its privileges. Remove that feature altogether and enforce users that are relying on that feature to migrate to Jami "plugins", which are more suitable for introducing custom Jami behaviors. Change-Id: I1d6d07771e2b5a7c7f2cb8fc838821106c0a6708