[asterisk-users] giving a user asterisk CLI access: how bad could it get
Jeff LaCoursiere
jeff at jeff.net
Fri Oct 31 20:52:16 CDT 2008
I think everyone is missing the point of the question. He wants to know
if the user's shell is set to rasterisk, can they then use the CLI to get
a command shell.
The answer is "yes, they can", and in that case it may not be such a
good idea. As someone else suggested, you can run a shell with "!". I
imagine this could be compiled out of the CLI if you were so inclined.
j
On Sat, 1 Nov 2008, Tzafrir Cohen wrote:
> On Sat, Nov 01, 2008 at 12:38:52AM +0100, Dima wrote:
> > Setting the user's shell to /usr/sbin/rasterisk works. On login user
> > gets into asterisk CLI if asterisk is running (user just has to have
> > write permission to /var/lib/asterisk.*).
>
> How does that user "login"?
>
> --
> Tzafrir Cohen
> icq#16849755 jabber:tzafrir.cohen at xorcom.com
> +972-50-7952406 mailto:tzafrir.cohen at xorcom.com
> http://www.xorcom.com iax:guest at local.xorcom.com/tzafrir
>
> _______________________________________________
> -- Bandwidth and Colocation Provided by http://www.api-digital.com --
>
> asterisk-users mailing list
> To UNSUBSCRIBE or update options visit:
> http://lists.digium.com/mailman/listinfo/asterisk-users
> *** Handled by Will's new toy ***
>
More information about the asterisk-users
mailing list