[asterisk-dev] Dialplan oddities with recent Asterisk ?
Bryant Zimmerman
BryantZ at zktech.com
Tue Feb 9 17:48:30 CST 2010
I would recommend that any issues that would cause a system instability be
addressed.
As for potential security risks per dial plan features I think a less
aggressive approach might be considered.
1. Make any required fixes or enhancements to the Filter() command.
2. Provide some usage case scenarios so that users can protect themselves
in their dial plans.
The usage case scenarios should highlight examples of filtering caller id
and variables that are at high risk. A listing of variables that are at
risk should be offered. If filters are strategically placed where calls
initiate and terminate the users can protect their systems. I stress that
good easily accessible documentation on this is key. These are items that
are not best learned by the school of hard knocks.
Regards
Bryant
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.digium.com/pipermail/asterisk-dev/attachments/20100209/bdb47816/attachment.htm
More information about the asterisk-dev
mailing list