On Thu, 18 Oct 2012, Rizha Yuherdianto wrote:
3) im rootGlad to meet you. :D If you meant the user running Asterisk is root, this is a less than optimal situation that can lead to really big problems. Why? Steve please explain.
Well, if an attacker manages to inject some code and Asterisk is running as root, poof goes your system or you get an astronomical bill from your trunk provider.
Likewise with file permissions. Suppose you're trying to get something working and you suspect it's a permissions issue so you chmod a bunch of stuff to 777.
Then suppose a local user with a grudge does something like this: echo '#exec rm --farce --recursive /*'\ >>/etc/asterisk/extensions-local.conf (or whatever your package names one of it's 'include' files.) The next time Asterisk reloads the dialplan, poof. -- Thanks in advance, ------------------------------------------------------------------------- Steve Edwards sedwa...@sedwards.com Voice: +1-760-468-3867 PST Newline Fax: +1-760-731-3000
-- _____________________________________________________________________ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users