[asterisk-dev] Introduction to ASA - the Asterisk Security Architecture
thp at westhawk.co.uk
Mon Oct 13 10:36:46 CDT 2008
On 13 Oct 2008, at 15:53, Johansson Olle E wrote:
> 13 okt 2008 kl. 16.27 skrev Tzafrir Cohen:
>> On Mon, Oct 13, 2008 at 02:12:39PM +0200, Johansson Olle E wrote:
>>> I've collected some notes and ideas and produced yet another PDF for
>>> you to look at, read and then discuss.
>> So a channel has to have a single user and domain. And perhaps
>> The domain name is an arbitrary string. But meaningful for some
>> drivers. VoIP channels may try to resolve it. Can you give an
>> example of
>> a place where knowing the domain helps?
> You want different contexts, codecs, service sets (transfer,
> for each domain.
>> What do we gain from the privileges model of multiple groups? Do you
>> actually mean that every group membership should translate to some
>> specific permission?
> Good question.
> In Astum, it was just a way to inherit properties, much like
> This needs some thinking...
> Keep the comments coming!
I had a thought over the weekend - perhaps we need to step away from the
user/group/domain/ vs object -> yes/no model
In most cases there is a direct cost to an action, and the user has a
Is there any merit in trying to model things that way?
So an anonymous incomming call might get a budget of Zero and therefore
only do things that cost Zero (or less).
Internal users get a Budget of (say $5) so can call anywhere (except
Is that too mad ?
More information about the asterisk-dev