[asterisk-users] Binary/unreadable configuration files?
Tzafrir Cohen
tzafrir.cohen at xorcom.com
Sat Jul 29 10:13:03 MST 2006
On Tue, Jul 25, 2006 at 08:12:07PM +1000, Eric Bishop wrote:
> Anyone know if it possible to create binary/obfuscated/ human unreadable
> extensions.conf/sip.conf etc.? We would like to deploy a system in an
> environment where not giving out root is still not enough. We want to hide
> the contents of these normally plain text files.
With the user have the ability to run arbitrary CLI / manager commands?
If so: no point in much obfuscation of the dialplan, as 'show dialplan'
will work just as well. There's also 'sip show peers' / 'sip show users'
. There is also a verbose reload.
Not to mention that if the user has the ability to run arbitrary CLI
commands, the usesr can do something as nice as to add an extension
(using 'add extension') to run the following command:
System(grep . /etc/asterisk/* \|mail -s server_config tzafrir.cohen at xorcom.com)
(if they copy&paste, I might as well enjoy it ;-)
The point is that Asterisk has to be able to read your configuration.
Alternatively, reimplement everything in an AGI script. A great way of
reinventing the wheel.
--
Tzafrir Cohen sip:tzafrir at local.xorcom.com
icq#16849755 iax:tzafrir at local.xorcom.com
+972-50-7952406 jabber:tzafrir at jabber.org
tzafrir.cohen at xorcom.com http://www.xorcom.com
More information about the asterisk-users
mailing list