On Fri, Sep 04, 2009 at 01:34:14PM -0400, David Kerr wrote: > Ryan, Thank you for the useful description. I would add a couple of > additional relevant observations... > > 1) The scripts directory contains executable shell scripts that are run on > request of the GUI by the asterisk server. These perform functions that must > be executed on the server as they cannot be done from the client browser..
Right. Although there's technically no limitation to run scripts from there. The client basically orders Asterisk to run arbitrary shell commands. We generally hope that the client is limited to javascript code coming from the GUI, but there is certainly no way to verify that. The ugly part is that there is no test to check if a command has failed. > > 2) The config directory cannot be read-only... the GUI writes to this > directory (output from system commands, link to Master.csv) It can, if you're careful enough. I was as bothered as you, and in the Debian package made all the writes to under config/tmp which is a symlink to /var/spool/asterisk/tmp . The fplip side is that now all the content of that tmp directory is browsable from the web. > > This last point bothers me somewhat as the number of write/read/delete > cycles can get quite high. On my asterisk installation the gui directory is > on a Compact Flash card and I'd like to minimize the number of writes to > this. I solved it by creating a config/tmp that is a softlink to a > directory on a ramdisk, then I created a patch file that modifies the GUI > javascript to point to config/tmp for all system output and Master.csv. If > you are interested in this patch let me know and I will open a bug and > attach it for you to look at. Wow, we think alike :-) You can find my patches in http://svn.debian.org/viewsvn/pkg-voip/asterisk-gui/trunk/debian/patches/ svn://svn.debian.org/pkg-voip/asterisk-gui/trunk/debian/patches/ I suggest you take a look at the Debian packaging of Asterisk. In Debian the datadir is /usr/share/asterisk . Which means that the bulk of the data is read-only. /var/lib/asterisk is used only for data that can actually change. -- Tzafrir Cohen icq#16849755 jabber:[email protected] +972-50-7952406 mailto:[email protected] http://www.xorcom.com iax:[email protected]/tzafrir _______________________________________________ --Bandwidth and Colocation Provided by http://www.api-digital.com-- asterisk-gui mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-gui
