[asterisk-users] Using PHP to reload extensions
Tzafrir Cohen
tzafrir.cohen at xorcom.com
Thu Oct 4 13:35:57 CDT 2007
On Wed, Oct 03, 2007 at 09:10:58PM -0500, Moises Silva wrote:
> If you are running the script from a web server, the script gets
> executed with the web server process permissions, hence, probably does
> not have access to /var/run/asterisk.ctl.
>
> You can give permissions to your web server, or better yet, dont
> execute the command using shell_exec, better open a socket connection
> to the Asterisk manager and execute Action: Command
> Command: extensions reload
Not that, in essense, this permits the web server's user to control
Asterisk as well - the web server's user must be able to read the
password from somewhere.
The only real benefit is if you can limit the permissions you give to
that specific manager user. But there's a limit to ohw useful this can
be. Even "write=command" alone allows changing the dialplan ('dialplan
add' / 'dialplan remove') and running an arbitrary command as the
asterisk user (originate a call to the application System).
--
Tzafrir Cohen
icq#16849755 jabber:tzafrir.cohen at xorcom.com
+972-50-7952406 mailto:tzafrir.cohen at xorcom.com
http://www.xorcom.com iax:guest at local.xorcom.com/tzafrir
More information about the asterisk-users
mailing list