[asterisk-dev] AstriDevCon - PineMango
Tzafrir Cohen
tzafrir.cohen at xorcom.com
Mon Oct 13 19:27:50 CDT 2008
On Thu, Oct 09, 2008 at 09:16:52PM +0200, Tzafrir Cohen wrote:
> That is indeed a different problem. So now thing of a similar problem.
> Your siwtchboard is connected to an Asterisk box (maybe several of
> those) and serves several users. You want to allow different users to
> control a different subset of extensions.
>
> Is it possible to easily tell that an even is related to one of the
> devices in the group "company_a"?
>
> Or do we end up again without you getting the information you need for
> your switchboard?
And now let's look at a slightly different problem. A shared hosting
setup. Both company_a and company_b are hosted on that server. Each has
its own skilled programmers that use the interface from
PineMango-Asterisk to create their own custom programs.
Among those are custom programs that manipulate the dialplan. How can we
guarantee that company_a and company_b don't edit each other's dialplan?
But then again, there are other nasty things company_a and company_b
could do through the API to edit each other's dialplan. For instance, a
series of System(sed -i <something> /etc/asterisk/extensions.conf)
commands can be handy.
So I suggest that System() is a priviliged command that should be
blockable in a virtual hosting setup.
--
Tzafrir Cohen
icq#16849755 jabber:tzafrir.cohen at xorcom.com
+972-50-7952406 mailto:tzafrir.cohen at xorcom.com
http://www.xorcom.com iax:guest at local.xorcom.com/tzafrir
More information about the asterisk-dev
mailing list