[asterisk-dev] AstriDevCon - PineMango
Tzafrir Cohen
tzafrir.cohen at xorcom.com
Thu Oct 9 07:59:00 CDT 2008
On Thu, Oct 09, 2008 at 11:20:27AM +0200, Johansson Olle E wrote:
>
> 8 okt 2008 kl. 23.20 skrev Nir Simionovich:
>
> > That diagram is not 100% correct. For example, we nixed the
> > authentication layer since it is such a large undertaking for the
> > limited gain it would provide
>
> That's a very interesting statement in regards to security...
>
> The authorization layer is very much needed if we're going to open up
> the core this way.
>
> Authentication is a different thing, but needs to be taken care of too.
Just a reminder that we have minimal autheorizations in the manager
interface (but very far from sufficient). There is also eliel's work on
CLI permissions which is essentially about slightly finer grain
authorization on one of the interfaces:
http://bugs.digium.com/11123
--
Tzafrir Cohen
icq#16849755 jabber:tzafrir.cohen at xorcom.com
+972-50-7952406 mailto:tzafrir.cohen at xorcom.com
http://www.xorcom.com iax:guest at local.xorcom.com/tzafrir
More information about the asterisk-dev
mailing list