----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviewboard.asterisk.org/r/3969/#review13228 -----------------------------------------------------------
I don't think FullyBooted should be a security restricted event. This will not effect me personally since I use read=all, but the FullyBooted event is used by AMI clients to determine that Asterisk is ready to receive actions (that's how I use it). Changing the security level on released branches seems to me like a breaking change. The idea that any user logged into AMI can know when the system is fully booted does not seem like any security risk to me. As for the inconsistancy, my vote would be to change the security flag in main/asterisk.c to 0 for this event, that way all AMI users receive the event so they know Asterisk is ready to do stuff. - Corey Farrell On Sept. 3, 2014, 6:15 p.m., Jonathan Rose wrote: > > ----------------------------------------------------------- > This is an automatically generated e-mail. To reply, visit: > https://reviewboard.asterisk.org/r/3969/ > ----------------------------------------------------------- > > (Updated Sept. 3, 2014, 6:15 p.m.) > > > Review request for Asterisk Developers and Matt Jordan. > > > Repository: Asterisk > > > Description > ------- > > Apparently instead of using the readperm mask, it was using the send_events > mask... which is somewhat weird. It's initialized to -1 (which will return > true when used with bitwise and on EVENT_FLAG_SYSTEM) and this is where the > odd behavior came from. > > I think this was just a mistake and switching to the readperm mask appears to > have fixed it. > > > Diffs > ----- > > /branches/1.8/main/manager.c 422543 > > Diff: https://reviewboard.asterisk.org/r/3969/diff/ > > > Testing > ------- > > Ran through the login process with and without the system read permission. > With it, I got the FullyBootted event. Without it, I did not. > > > Thanks, > > Jonathan Rose > >
-- _____________________________________________________________________ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- asterisk-dev mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-dev