[Asterisk-Dev] vmail.cgi: File permissions
jtodd at loligo.com
Fri Jun 20 22:51:59 MST 2003
This has been discussed before. I can't seem to find Jon's patch,
but I found his message about it. Maybe Jon will submit it here?
>To: asterisk-users at lists.digium.com
>From: Jon Pounder <JonP at inline.net>
>Subject: Re: [Asterisk-Users] vmail.cgi cannot read/delete messages
>Reply-To: asterisk-users at lists.digium.com
>Date: Wed, 07 May 2003 22:49:46 -0400
>I have a patch to read the file and directory mask to use from the
>voicemail configuration file.
>At 11:03 PM 5/7/2003 -0400, you wrote:
>>vmail.cgi rocks (if I can borrow the expression for Mark Street).
>>As Mark pointed out, the /vm/INBOX messages are created with 0700
>>security and vmail.cgi is not happy. Apache/cgi/vmail.cgi cannot
>>play them unless I fool around with the Apache wrapper or chmod 755
>>*.* thefiles myself. (Tedious, that is why I like computers).
>>Obviously this is not acceptable. I took a trip to the
>>apps/app_voicemail.c country club and found that I can modify it to
>>force the issue by altering the directory and files as it "happens"
>>when recording takes place.
>>What is everybody else doing?
>>I am, for sure, not the only one with this issue. It comes with
>>the cgi territory. I am trying to keep my pearl vmail script with
>>the -T switch. I can also modify with chmod here but I am going to
>>force the issue, I prefer the "c" code.
> > Uriel
>Here are some ideas on this topic.
>1. First the make file or what ever installs the vmail.cgi does not install
>it on a Debian system. I have to copy it manually to /usr/lib/cgi-bin.
>2. Why not have the Voicemail have the UID/GID of certain user and then have
>the vmail.cgi switch to that user when someone logs in.
>3. Or the most tricky because most people probably don't use there Asterisk
>server as the mail server in there net but some of us only have one server
>so have the UID/GID set the user when they login and then have the Voicemail
>belong to that user like most e-mail systems do. Even Better yet have the
>Voicemail stored in the users home directory so their quota applies to it.
>Just some thoughts.
>From: asterisk-dev-admin at lists.digium.com
>[mailto:asterisk-dev-admin at lists.digium.com]On Behalf Of Brian Capouch
>Sent: Friday, June 20, 2003 15:46
>To: asterisk-dev at lists.digium.com
>Subject: [Asterisk-Dev] vmail.cgi: File permissions
>I'm working on vmail.cgi; being able to work on voicemails through a web
>interface is waaaay friendlier than "message at a time" through the POTS
>It doesn't work out of the box if the UID of the web server (in my case
>"nobody") isn't the same as the UID of the asterisk process (in my case
>"root"). Not even reading messages works because the VM files are
>created with permissions 700.
>So I wonder what the correct way of doing this is? Opening up
>/var/spool/asterisk/voicemail to the world doesn't seem like a very good
>choice, but having vmail.cgi run as root seems even less good.
More information about the asterisk-dev