[asterisk-dev] AstriDevCon - PineMango

Tzafrir Cohen tzafrir.cohen at xorcom.com
Mon Oct 13 19:27:50 CDT 2008

On Thu, Oct 09, 2008 at 09:16:52PM +0200, Tzafrir Cohen wrote:

> That is indeed a different problem. So now thing of a similar problem.
> Your siwtchboard is connected to an Asterisk box (maybe several of
> those) and serves several users. You want to allow different users to
> control a different subset of extensions.
> Is it possible to easily tell that an even is related to one of the
> devices in the group "company_a"?
> Or do we end up again without you getting the information you need for
> your switchboard?

And now let's look at a slightly different problem. A shared hosting
setup. Both company_a and company_b are hosted on that server. Each has
its own skilled programmers that use the interface from
PineMango-Asterisk to create their own custom programs.

Among those are custom programs that manipulate the dialplan. How can we
guarantee that company_a and company_b don't edit each other's dialplan?

But then again, there are other nasty things company_a and company_b
could do through the API to edit each other's dialplan. For instance, a
series of System(sed -i <something> /etc/asterisk/extensions.conf)
commands can be handy. 

So I suggest that System() is a priviliged command that should be
blockable in a virtual hosting setup. 

               Tzafrir Cohen
icq#16849755              jabber:tzafrir.cohen at xorcom.com
+972-50-7952406           mailto:tzafrir.cohen at xorcom.com
http://www.xorcom.com  iax:guest at local.xorcom.com/tzafrir

More information about the asterisk-dev mailing list