On Wed, Oct 03, 2007 at 09:10:58PM -0500, Moises Silva wrote: > If you are running the script from a web server, the script gets > executed with the web server process permissions, hence, probably does > not have access to /var/run/asterisk.ctl. > > You can give permissions to your web server, or better yet, dont > execute the command using shell_exec, better open a socket connection > to the Asterisk manager and execute Action: Command > Command: extensions reload
Not that, in essense, this permits the web server's user to control Asterisk as well - the web server's user must be able to read the password from somewhere. The only real benefit is if you can limit the permissions you give to that specific manager user. But there's a limit to ohw useful this can be. Even "write=command" alone allows changing the dialplan ('dialplan add' / 'dialplan remove') and running an arbitrary command as the asterisk user (originate a call to the application System). -- Tzafrir Cohen icq#16849755 jabber:[EMAIL PROTECTED] +972-50-7952406 mailto:[EMAIL PROTECTED] http://www.xorcom.com iax:[EMAIL PROTECTED]/tzafrir _______________________________________________ --Bandwidth and Colocation Provided by http://www.api-digital.com-- asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users