[Asterisk-Users] Anyone see this?
Tzafrir Cohen
tzafrir.cohen at xorcom.com
Fri Jun 16 02:24:25 MST 2006
On Fri, Jun 16, 2006 at 08:57:02AM +0100, Senad Jordanovic wrote:
> asterisk-users-bounces at lists.digium.com wrote:
> > Dunno if anyone else has seen this yet:
> >
> http://www.scmagazine.com/us/news/article/563800/vulnerabilities+put+asteris
> k+telephone+systems+risk/
>
> we do not run asterisk (or any other critical services including PBXware) as
> root on the host as normal process.
> we are using chroot with very limited set of tools and non-root operation.
> so ... it is much more secure.
Well, that protects the rest of the system from a potential problem with
Asterisk. But not the rest of the network. Not to mention that it does
not protect the PBX itself.
A good practice, nontheless.
--
Tzafrir Cohen sip:tzafrir at local.xorcom.com
icq#16849755 iax:tzafrir at local.xorcom.com
+972-50-7952406
tzafrir.cohen at xorcom.com http://www.xorcom.com
More information about the asterisk-users
mailing list