[asterisk-dev] Strange issue with permissions and a third party module

Hans-Peter Jansen hpj at urpla.net
Tue Dec 11 11:57:25 CST 2018

On Montag, 10. Dezember 2018 13:53:38 Joshua C. Colp wrote:
> On Wed, Dec 5, 2018, at 12:40 PM, Hans-Peter Jansen wrote:
> > 
> > Why does the Asterisk module behaves differently permission-wise?
> How is Asterisk actually run and executed? Is it being run as a systemd
> unit, could that be altering permissions and limiting things?

Yes, it is executed by systemd:

Description=Asterisk PBX

ExecStart=/usr/sbin/asterisk -fn
ExecReload=/bin/kill -HUP $MAINPID


and uses the built-in runuser and rungroup mechanism to drop permissions.

> > Does Asterisk use some special protection/capabilities for its modules?
> Nope, we do nothing special and rely on the system itself. We can drop down
> to a different user and such, that's about it.

Okay, thank you. Will dig deeper.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.digium.com/pipermail/asterisk-dev/attachments/20181211/7423f257/attachment.html>

More information about the asterisk-dev mailing list