[asterisk-dev] AstriDevCon - PineMango
Tzafrir Cohen
tzafrir.cohen at xorcom.com
Thu Oct 9 14:16:52 CDT 2008
On Thu, Oct 09, 2008 at 11:15:53AM -0700, Brian Degenhardt wrote:
> Tzafrir Cohen wrote:
> > On Thu, Oct 09, 2008 at 09:20:40AM -0700, Brian Degenhardt wrote:
> >
> >> To clarify, we're talking about fine-grained auth here, not the yes/no
> >> type in a password to use the API socket. We currently don't
> >> authenticate AGI scripts, cli commands, dialplan scripts, and manager's
> >> security model is a joke.
> >
> > And a reminder of what happens because of that:
> >
> > If you want to write a nice little dialer and do it the right way,
> > you have to write your own daemon that runs on a dedicated server.
> > Little hacks like SnapDialer are indeed security holes (if you allow
> > them to be used). If there were proper authorization through the manager
> > interface, such dialers could have been safe.
> >
> > I suspect that the same would apply to any interface you want to expose.
>
> You're absolutely right here. I'm not arguing with any of this.
>
> Now that we agree that you have to write a little daemon that connects
> to Asterisk, let's explore how that's done. For Switchvox, we've
> written just that for our Switchboard:
>
> http://www.switchvox.com/sv?cmd=screenshots&pic=23
>
> Currently this daemon uses the manager interface, which it turns out is
> bordering on unusable to do this sort of thing. Don't take my word for
> it, ask anyone who's ever tried to track detailed call status over
> manager. One of our engineers likened it to digging through your trash
> to figure out what you had for dinner, because there isn't a proper way
> to just ask.
Well, your daemon does much much more than originating calls.
Originating calls using the manager interface is simple.
>
> This problem needs to be fixed first. I'm not saying fine-grained auth
> isn't a good project, I'm just saying that having a usable API is more
> important from my perspective.
That is indeed a different problem. So now think of a similar problem.
Your switchboard is connected to an Asterisk box (maybe several of
those) and serves several users. You want to allow different users to
control a different subset of extensions.
Is it possible to easily tell that an event is related to one of the
devices in the group "company_a"?
Or do we end up again without you getting the information you need for
your switchboard?
>
> Doing the API correctly is a huge undertaking. Fine-grained auth is
> also a massive undertaking. We (not just Digium, the whole Asterisk
> community of developers) do not have enough engineering bandwidth to do
> both at the same time. Therefore, I'm saying that we have to put the
> auth issue on hold so that we can at least accomplish one of these two
> huge projects.
>
> Hell, I even think the API project is ambitious to the point of being
> impractical. I'm still going to fight to keep it practical, and part of
> that means expelling this need for auth as a dependency.
--
Tzafrir Cohen
icq#16849755 jabber:tzafrir.cohen at xorcom.com
+972-50-7952406 mailto:tzafrir.cohen at xorcom.com
http://www.xorcom.com iax:guest at local.xorcom.com/tzafrir
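The question raised above, whether a switchboard daemon can tell which device group an AMI event belongs to and show each user only the subset they are authorized for, can be sketched outside Asterisk. The following is an added example and not code from this thread, from Digium or from Switchvox: it parses a constructed AMI event stream (events are "Key: Value" lines terminated by a blank line), maps the device part of each Channel to a group, and applies a deny-by-default per-user filter. The device-to-group and user-to-group tables, the sample events and the channel-naming assumption (device name followed by a "-" and a per-call suffix) are all constructed for illustration.

```python
"""Filter Asterisk Manager Interface (AMI) events by device group.

Added example: shows one way a switchboard daemon could enforce
per-user visibility of events when Asterisk itself provides no
fine-grained authorization. Not Asterisk or Switchvox code.
"""
import re

# Constructed sample of an AMI event stream: "Key: Value" lines, each
# event terminated by a blank line (CRLF on the wire).
SAMPLE_AMI_STREAM = (
    "Event: Newchannel\r\nPrivilege: call,all\r\nChannel: SIP/1001-00000001\r\n"
    "CallerIDNum: 1001\r\nUniqueid: 1223570000.1\r\n\r\n"
    "Event: Hangup\r\nPrivilege: call,all\r\nChannel: SIP/2002-00000002\r\n"
    "Cause: 16\r\nUniqueid: 1223570000.2\r\n\r\n"
    "Event: Newstate\r\nPrivilege: call,all\r\nChannel: IAX2/trunk-5\r\n"
    "ChannelStateDesc: Ring\r\nUniqueid: 1223570000.3\r\n\r\n"
)

# Constructed mapping: which device belongs to which tenant/group.
DEVICE_GROUPS = {
    "SIP/1001": "company_a",
    "SIP/1002": "company_a",
    "SIP/2002": "company_b",
}

# Constructed authorization table: which groups each switchboard user may see.
USER_GROUPS = {
    "alice": {"company_a"},
    "bob": {"company_b"},
}


def parse_ami_events(stream):
    """Split raw AMI text into a list of dicts, one dict per event."""
    events = []
    for block in re.split(r"\r?\n\r?\n", stream):
        if not block.strip():
            continue
        event = {}
        for line in block.splitlines():
            key, sep, value = line.partition(":")
            if sep:
                event[key.strip()] = value.strip()
        events.append(event)
    return events


def device_of(channel):
    """Strip the per-call suffix (assumed convention): 'SIP/1001-00000001' -> 'SIP/1001'."""
    return channel.rsplit("-", 1)[0]


def group_of(event):
    """Return the device group for an event, or None if the device is unknown."""
    channel = event.get("Channel")
    if not channel:
        return None
    return DEVICE_GROUPS.get(device_of(channel))


def events_for_user(user, stream):
    """Deny by default: keep only events whose device group the user may see.

    Events with no Channel, or with a channel that maps to no known device
    (e.g. a trunk), have group None and are dropped for every user.
    """
    allowed = USER_GROUPS.get(user, set())
    return [e for e in parse_ami_events(stream) if group_of(e) in allowed]


if __name__ == "__main__":
    for user in ("alice", "bob", "mallory"):
        visible = [e["Event"] for e in events_for_user(user, SAMPLE_AMI_STREAM)]
        print(user, "sees", visible)
```

The filter works only as well as the channel-to-device mapping does, which is the weak point the thread is pointing at: channel names are a side effect of call setup rather than an authorization attribute, so anything that does not follow the assumed naming (here the IAX2 trunk channel) falls through to "unknown" and is hidden from everyone.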