[asterisk-dev] Security Request for discussion: Should sip.conf allowguest=yes be the default
Kai Hoerner
kai at ciphron.de
Tue Nov 17 10:57:10 CST 2009
Hi,
Tzafrir Cohen wrote:
> Sounds like we could really use a dummy entry for the "guest user"[2]
> in sip.conf . So you could set up context, extra variables, language and
> whatever. This sounds so simple and obvious, that there must be some
> sound technical reasons why it won't work well.
Great idea. 1+
Waiting for comments from Olle on technical reasons.
>> With the solution as-is, both of them end up in the default context.
>> I do not understand how unintended relay applies at all to this topic.
>> Isn't bad dialplan design a configuration issue?
> This whole problem is about bad dialplan design. It is about beginners
> not planning their dialplan well.
I thought this discussion was about the sample configs, and how they can
aid beginners in using them as a starting point in a more secure manner
without further knowledge.
Bad dialplan design by beginners is not avoidable, but we can aid them
to start with a better sample design.
> I want to allow random Joe SIP user call my phone. I consider this a
> feature. This call takes out a bit of my bandwidth. But if this is a
> problem, I can hang up.
> I do not want Joe to call into my PBX and from there out through another
> trunk.
Still agreed.
>> It is, but this difficulty can be aided by adding more control over what
>> calls go into which context.
> The dialplan already gives you good control.
Only if you know how to use your tools properly, which I believe beginners
do not.
One can check if the call comes from an authenticated peer in dialplan. Agreed.
But I thought the discussion was about how to aid beginners who don't know
such things.
> [1] Or rather: there may be some actions that the sysadmin thinks are
> unauthorized but sadly are authorized.
Thx for the correction, that is exactly what I intended to say.
Regards,
Kaii