[asterisk-dev] Security Request for discussion: Should sip.conf allowguest=yes be the default

Olle E. Johansson oej at edvina.net
Mon Nov 16 02:29:44 CST 2009


On 16 Nov 2009, at 09:18, Kai Hoerner wrote:

> Atis Lezdins wrote:
>> On Thu, Nov 12, 2009 at 8:34 PM, Tzafrir Cohen <tzafrir.cohen at xorcom.com> wrote:
>> 
>>> Please explain to me why exactly allowing guests is a bad thing. How can
>>> I allow people to call me from the internet? Create a local account for
>>> each and every one in my addressbook?
>>> 
>> How about creating context "guest" or "public", and setting it as
>> default in samples? That would make the user think much more before
>> adding some code there.
> 
> What we should keep in mind here is that all users/friends/accounts that
> do not explicitly set "context" to another value will end up there, too.
> 
> If we allowguest=yes, unauthenticated calls will end up in the default
> context _as well_ but it's not guaranteed only unauthenticated calls go
> there.
> 
> For that reason I suggest another, more clear context name: "unconfigured"
> 
For trunk, we can separate the default context, which is inherited by unconfigured devices, from the context that is used for calls where we cannot match anyone. Like "guestcontext". That would make things very clear. Guestcontext can default to the default context, but the sample configuration could have an activated setting.

While this would not work with released versions, it might make things better with future releases.

Feedback?

/O
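
The overlap Kai Hoerner describes above (devices with no explicit "context" land in the same context as unauthenticated calls) can be checked against an existing sip.conf. This is an added example, not code from the thread or from Asterisk; the sample configuration is constructed, and the script assumes allowguest is yes and context is "default" when unset.

```python
import re

# Constructed sample sip.conf (not from the thread); secrets are placeholders.
SAMPLE = """\
[general]
context=default        ; unmatched calls land here
;allowguest=no         ; commented out, so the default applies
[office](!)            ; template only, not a device
context=internal
[alice](office)
secret=PLACEHOLDER
[bob]
secret=PLACEHOLDER
[provider]
context=from-provider
"""

HEADER = re.compile(r"^\[([^\]]+)\](?:\(([^)]*)\))?")

def parse(text):  # -> {section: (is_template, parent_names, settings)}
    sections, current = {}, None
    for raw in text.splitlines():
        line = raw.split(";", 1)[0].strip()          # strip ; comments
        m = HEADER.match(line)
        if m:
            opts = [o.strip() for o in (m.group(2) or "").split(",") if o.strip()]
            current = {}
            sections[m.group(1)] = ("!" in opts, [o for o in opts if o != "!"], current)
        elif current is not None and "=" in line:
            key, value = line.split("=", 1)
            current[key.strip().lower()] = value.lstrip(">").strip()
    return sections

def shared_with_guests(text):
    """Names of devices whose calls enter the same context as guest calls."""
    sections = parse(text)
    general = sections.get("general", (False, [], {}))[2]
    # Assumption: when unset, allowguest is yes and context is "default".
    if general.get("allowguest", "yes").lower() not in ("yes", "true", "on", "1"):
        return []
    guest_ctx = general.get("context", "default")
    def context_of(name):                            # own setting, then templates
        _, parents, settings = sections.get(name, (False, [], {}))
        found = settings.get("context")
        for parent in reversed(parents):             # later templates win
            found = found or context_of(parent)
        return found
    return [n for n, (is_tpl, _, _) in sections.items()
            if not is_tpl and n not in ("general", "authentication")
            and (context_of(n) or guest_ctx) == guest_ctx]
```

Calling `shared_with_guests(SAMPLE)` reports `bob`, the only device that neither sets a context nor inherits one from a template.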

