[asterisk-dev] AstriDevCon - PineMango
Tim Panton
thp at westhawk.co.uk
Sat Oct 11 16:47:35 CDT 2008
On 11 Oct 2008, at 20:36, Johansson Olle E wrote:
>
> 11 okt 2008 kl. 21.29 skrev Tim Panton:
>
>> In these cases they had to throw out most of the implementation of the
>> core API when they added the security layer, but the API itself remained
>> and was extended.
>>
>> I'm assuming a definition of success you may not agree with ;-)
>
> Nevertheless you found an example that proves that I'm wrong.
> Regardless, I still think that abandoning an authorization model
> is a Very Bad Idea (TM).
>
> If we publish an API, someone will produce an application that seriously
> breaks the core and hijacks channels left and right. It's better to do the
> work first than have to clean up the mess afterwards. We have a very
> large installed base out there, and a responsibility not only to help them
> protect their mission-critical PBX systems, but also to integrate security
> as we move forward, in order to enable them to use this functionality in
> their network and on the Internet.
There is a distinction here: by API, I mean the layer which the
framework writers would use. So Jay might use it to implement
Adhearsion 2.0, I might implement JTAPI on top of it, and you might
implement manager 2.0.
Applications would use the _framework_ to get stuff done, so Java coders
would use JTAPI, and Ruby guys would use Adhearsion.
I'm arguing that the permission checking should be done in the
_frameworks_, in a way that makes sense to that framework's problem
space, rather than being pushed down into the core API.
(There is a problem - what happens if you set up an Adhearsion system
with a specific security model, then someone writes a JTAPI app that
breaks all those rules?)
Tim.
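The layering problem Tim raises in his parenthesis, as an added toy model that is not part of the thread and not Asterisk code: a hypothetical core channel API, one framework that enforces its own policy and a second one on the same core that does not. All class names, the `hangup` operation and the `enforce` switch are assumptions made for illustration.

```python
from dataclasses import dataclass, field
from typing import Optional


class PermissionDenied(Exception):
    pass


@dataclass
class Principal:
    name: str
    allowed: set = field(default_factory=set)  # operations this caller may perform


class ChannelCore:
    """Hypothetical core API. enforce=False trusts its callers (checks live in the
    frameworks); enforce=True refuses any operation without an authorized principal."""

    def __init__(self, enforce: bool):
        self.enforce = enforce
        self.channels = {"SIP/alice-1": "up", "SIP/bob-1": "up"}  # constructed sample
        self.audit = []  # what a defender would want logged either way

    def hangup(self, chan: str, who: Optional[Principal] = None) -> str:
        caller = who.name if who else "anonymous"
        if self.enforce and (who is None or "hangup" not in who.allowed):
            self.audit.append(f"DENY hangup {chan} by {caller}")
            raise PermissionDenied(chan)
        self.channels[chan] = "down"
        self.audit.append(f"hangup {chan} by {caller}")
        return self.channels[chan]


class CheckingFramework:
    """Framework that applies its own policy before touching the core."""

    def __init__(self, core: ChannelCore):
        self.core = core

    def hangup(self, chan: str, who: Principal) -> str:
        if "hangup" not in who.allowed:
            raise PermissionDenied(chan)
        return self.core.hangup(chan, who)


class TrustingFramework:
    """Second framework on the same core; it does no checking of its own."""

    def __init__(self, core: ChannelCore):
        self.core = core

    def hangup(self, chan: str, who: Principal) -> str:
        return self.core.hangup(chan, who)


def scenario(enforce_in_core: bool) -> dict:
    """An unprivileged caller tries a hangup through each framework."""
    core = ChannelCore(enforce=enforce_in_core)
    guest = Principal("guest")
    results = {}
    for label, fw in (("checking", CheckingFramework(core)), ("trusting", TrustingFramework(core))):
        try:
            fw.hangup("SIP/alice-1", guest)
            results[label] = "allowed"
        except PermissionDenied:
            results[label] = "denied"
    return results
```

With checks only in the frameworks, `scenario(False)` shows the trusting framework hijacking the channel; with the core enforcing, `scenario(True)` denies both paths and records the attempt in `audit`.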