[asterisk-dev] Security Request for discussion: Should sip.conf allowguest=yes be the default
Kai Hoerner
kai at ciphron.de
Mon Nov 16 02:18:43 CST 2009
Atis Lezdins schrieb:
> On Thu, Nov 12, 2009 at 8:34 PM, Tzafrir Cohen <tzafrir.cohen at xorcom.com> wrote:
>
>> Please explain to me why exactly allowing guests is a bad thing. How can
>> I allow people to call me from the internet? Create a local account for
>> each and every one in my addressbook?
>>
> How about creating context "guest" or "public", and setting it as
> default in samples? That would make user to think much more before
> adding some code there.
we should keep in mind here is that all users/friends/accounts that
do not explicitly set "context" to another value will end up there, too.
If we allowguest=yes, unauthenticated calls will end up in the default
context _as well_ but it's not guaranteed only unauthenticated calls go
there.
For that reason i suggest another, more clear context name: "unconfigured"
--
CIPHRON GmbH
Tel.: (05 11) 51 51 33 - 0 Fax: (05 11) 51 51 33 - 29
Web: http://www.ciphron.de/ Support: (05 11) 51 51 33 - 11
Ust.Id.: DE263362886 Geschäftsführer: Sebastian Horzela
Amtsgericht Hannover, HRB 203590
More information about the asterisk-dev
mailing list