[asterisk-dev] New Feature Idea

Andrew Kohlsmith (mailing lists account) aklists at mixdown.ca
Sun Sep 26 09:05:02 CDT 2010 

On Sunday, September 26, 2010 08:26:14 am Nir Simionovich wrote:
> Hmmm... True. Well, why not simply make CDR's to manager work as a
> default in the code?

Because it is trivial to alter the behaviour in cdr.conf.  I don't know about 
you, but I don't want CDR events to be forced on.  Fix your setup.

> not leaving the user a possibility to manage that portion. Having the
> possibility to not register
> CDR records, at least in my view, is somewhat dangerous. I admit that at
> times you don't want
> to do so, however, this should mainly be reflected in the MySQL backend
> of the CDR files.

I would argue that it is somewhat dangerous to incorrectly set up your system 
such that your CDR logging is open to attack.  You should implement the SQL 
CDR permissions as Tzafir suggested. That's exactly what I did on my systems.  
In fact, they log CDR to another machine entirely.

> Be reasonable, in production environment systems you always turn all
> logging off, specifically
> verbose. I can't even imagine running verbose on my customer systems,
> they can easily rack
> up to 400 concurrent calls on a system, and that would inflate the
> verbose log like crazy.

Be reasonable and set up and secure your system instead of expecting the 
software to suit your specific conditions. Asterisk tries to strike a balance 
between several conflicting ideals, and as someone who's been using it since 
the days that the dialplan was compiled into the source, I have to say that 
they've done an admirable job of walking this fine line.

> Well, that is not all that true. Sometimes only the web interface gets
> hacked, thus, the hacker
> is mostly interested in hiding their track then going about and deleting
> stuff. Going about and
> doing that just from the web isn't all that simplistic, and most of
> these hackers are interested
> in passing traffic - not hijacking the box for a botnet or something.

Depending on the web interface, you can alter manager.conf.

Getting your system compromised is not fun. Been there, done that. Your 
suggestion isn't a bad one, but I think that for your specific concerns it 
might be a better idea to simply compile out the NoCDR function entirely. That 
still won't prevent someone from deleting all your SQL records due to poor SQL 
permissions, but it's something to think about.

Regards,
Andrew

More information about the asterisk-dev mailing list