[asterisk-users] Unable to load users.conf
Steve Edwards
asterisk.org at sedwards.com
Thu Oct 18 01:15:18 CDT 2012
On Thu, 18 Oct 2012, Rizha Yuherdianto wrote:
> 3) im root
>
> Glad to meet you.
>
> :D
>
> If you meant the user running Asterisk is root, this is a less than optimal
> situation that can lead to really big problems.
>
> Why? Steve please explain.
Well, if an attacker manages to inject some code and Asterisk is running
as root, poof goes your system or you get an astronomical bill from your
trunk provider.
Likewise with file permissions. Suppose you're trying to get something
working and you suspect it's a permissions issue so you chmod a bunch of
stuff to 777.
Then suppose a local user with a grudge does something like this:
echo '#exec rm --farce --recursive /*'\
>>/etc/asterisk/extensions-local.conf
(or whatever your package names one of it's 'include' files.)
The next time Asterisk reloads the dialplan, poof.
--
Thanks in advance,
-------------------------------------------------------------------------
Steve Edwards sedwards at sedwards.com Voice: +1-760-468-3867 PST
Newline Fax: +1-760-731-3000
More information about the asterisk-users
mailing list