[Asterisk-Dev] FYI: RPM

Tzafrir Cohen tzafrir.cohen at xorcom.com
Sat Apr 2 11:19:50 MST 2005


On Wed, Mar 30, 2005 at 06:49:54PM -0800, Kenneth Porter wrote:
> --On Wednesday, March 30, 2005 8:45 PM -0500 Greg Boehnlein 
> <damin at nacs.net> wrote:
> 
> >Good from a security perspective. You may also want to build a patch for
> >the /etc/rc.d/init.d/asterisk file (look in
> >/usr/src/asterisk/contrib/init.d/rc.redhat.asterisk) that sets the proper
> >User/Group settings.
> 
> Yep, I've written initscripts to run my game servers each under its own 
> user for isolation.

However if you want Asterisk to run with real-time priority, you have to
run Asterisk itself as root and let it setuid by itself.

Also, do you plan to move /etc/asterisk and /var/lib/asterisk/outgoing
into that isolation? Asterisk reads those files at run-time.

-- 
Tzafrir Cohen     icq#16849755  +972-50-7952406
tzafrir.cohen at xorcom.com  http://www.xorcom.com



More information about the asterisk-dev mailing list