On Wed, Dec 05, 2007 at 06:05:45PM -0500, Michael Melia Jr. wrote: > Thanks for the suggestions so far. I don't like the idea that I have to > give full control with OutCall but it seems to be the case with most of > the solutions out there.
I suggested http://bugs.digium.com/10972 which is a very good start to solving those issues. Or at least reduce the threat. But I guess people prefer to just ignore the problem. It does not deal with the ability of the caller to use an arbitrary originating device. This may allow the (not fully untrusted) to use any SIP/IAX trunk with any extension in the target context. But it still prevents the option to running an arbitrary dialplan command, and such. Maybe someone else would have a better idea about setting a device for the caller. Maybe figure out a way to find a set of devices to a that user. And it actually does not break the existing manager interface. So you should probably be able to use your OutCall. Unless it uses the manager interface to do things other than originating cals. In that case - you need to think better about the required permissions in manager.conf . -- Tzafrir Cohen icq#16849755 jabber:[EMAIL PROTECTED] +972-50-7952406 mailto:[EMAIL PROTECTED] http://www.xorcom.com iax:[EMAIL PROTECTED]/tzafrir _______________________________________________ --Bandwidth and Colocation Provided by http://www.api-digital.com-- asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users