From 0dc7e29dd84e636d9e03b3c0e14178b7fb843d6b Mon Sep 17 00:00:00 2001 From: Sean Bright Date: Wed, 16 Oct 2019 17:06:52 -0400 Subject: [PATCH] README-SERIOUSLY.bestpractices.md: Speling correetions. ASTERISK-28586 #close Change-Id: I43dc4e8bd9dc685b17695b215a5360314074734f --- README-SERIOUSLY.bestpractices.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/README-SERIOUSLY.bestpractices.md b/README-SERIOUSLY.bestpractices.md index ec36fac989..4344c0e3ca 100644 --- a/README-SERIOUSLY.bestpractices.md +++ b/README-SERIOUSLY.bestpractices.md @@ -332,7 +332,7 @@ Data: echo hello world! ``` This manager command will attempt to execute an Asterisk application, System, -which is normally associated with the "system" class authorication. While some +which is normally associated with the "system" class authorization. While some checks have been put into Asterisk to take this into account, certain dialplan configurations and/or clever manipulation of the Originate manager action can circumvent these checks. For example, take the following dialplan: @@ -365,7 +365,7 @@ set channel variables; which allows the execution of dialplan functions. Dialplan functions within Asterisk are incredibly powerful, which is wonderful for building applications using Asterisk. But during the read or write -execution, certain diaplan functions do much more. For example, reading the +execution, certain dialplan functions do much more. For example, reading the SHELL() function can execute arbitrary commands on the system Asterisk is running on. Writing to the FILE() function can change any file that Asterisk has write access to.