[asterisk-dev] AEL security
Philipp Kempgen
philipp.kempgen at amooma.de
Mon Mar 19 04:21:54 MST 2007
Sergey Okhapkin wrote:
> AEL needs to use extensions when compiling "switch" statement, asterisk
> extensions pattern match is being used for "default" case.
>
> On Monday 19 March 2007 06:39, Philipp Kempgen wrote:
>> Philipp Kempgen wrote:
>>> It seems like AEL compiles labels into extensions.
>>> So a users could directly dial to a label which seems
>>> like a security risk to me. Am I missing something?
>> Need to correct myself: AEL compiles the cases in a switch
>> block into extensions. Labels remain untouched. But that
>> doesn't make it any better.
Features are not an excuse for weak security. :P
Regards,
Philipp
--
amooma GmbH - Bachstr. 126 - 56566 Neuwied - http://www.amooma.de
Let's use IT to solve problems and not to create new ones.
Asterisk? -> http://www.das-asterisk-buch.de
Geschäftsführer: Stefan Wintermeyer
Handelsregister: Neuwied B 14998
More information about the asterisk-dev
mailing list