[asterisk-dev] security model of the manager interface

Stefan Reuter stefan.reuter at reucon.com
Fri Apr 20 18:03:14 MST 2007

Tzafrir Cohen wrote:
> I was trying to think about the security model of the asterisk-gui, and
> quickly realised that it generally gives any user who has been granted
> manager interface access full control of Asterisk.
> Then I realised that with the current granularity of permissions in the
> manager interface, whoever has either the "config" permission or the
> "call" write permission has practically full control of Asterisk.
> Either we need to take a good look at the permissions to manager
> interface operations, or we need to move this to a separate proxy.

I've discussed this kind of domain-object security (i.e. access to calls
but only if channel matches some pattern) with the AstManProxy guy a
year ago or so but without any result.
If you thing things through implementing something like this in a
generic proxy is a very tough challenge (think of Local channels,
channel renaming, forwarding of calls and so on).

My conclusion from that discussion was simply to never directly expose
the Manager API to any application you don't have full control over or
that is run in an untrusted environment or by an untrusted user.

My solution for day-to-day projects is to use a special application that
exposed "business" services with proper access control through a
remoting API (JMS for Java applications, XML over HTTP and plain HTTP
POST/GET for other types of application).
That special application does not offer the full range of features the
Manager API has to offer but a useful abstract subset for things like
"place call", "get status", etc.


reuter network consulting
Neusser Str. 110
50760 Koeln
Telefon: +49 221 1305699-0
Telefax: +49 221 1305699-90
E-Mail:  stefan.reuter at reucon.com
Jabber:  stefan.reuter at reucon.com

Steuernummern 215/5140/1791 USt-IdNr. DE220701760

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 252 bytes
Desc: OpenPGP digital signature
Url : http://lists.digium.com/pipermail/asterisk-dev/attachments/20070420/a821a29b/signature.pgp

More information about the asterisk-dev mailing list