[asterisk-dev] AstriDevCon - PineMango
Johansson Olle E
oej at edvina.net
Thu Oct 9 04:53:22 CDT 2008
9 okt 2008 kl. 11.49 skrev Nir Simionovich:
> While I do agree with oej that security is a must, when allowing such
> core level interconnect, i would also agree with Brian that the toll
> required may be one that we are unable to undertake at this point in
> time.
If it's not in the architecture from start - regardless if the actual
code is there-
then the architecture will be wrong and we risk a very high cost of
implementing
security as a second thought. If there's no auth* in there, Asterisk
will be even
more open for all kinds of security violations than today, and that's
not progress.
Authorization is also about being able to implement segmentation, i.e.
virtual
hosting within an Asterisk platform.
/O
More information about the asterisk-dev
mailing list