On Tue, Nov 04, 2008 at 04:31:58PM -0600, Tilghman Lesher wrote:
> On Tuesday 04 November 2008 15:52:10 Ruddy Gbaguidi wrote:
> > Did you know that any command you type in asterisk cli starting with
> > exclamation point (!) is executed in the shell by asterisk ??
> > Example :
> > running
> > !ls
> > will run 'ls' in your current directory
> >
> > So, be aware because your user can do whatever we want then.
>
> Yes, but remote commands are executed as whatever user is running the
> remote command, which is NOT necessarily the same as root. You can open
> up the permissions of the asterisk.ctl pipe file to allow another group to
> connect.
'!' is not a remote command. If you log in as asteriskcli and asterisk is
running as the user asteriskd, '!ls' and '!rm whatever' will be executed
through /bin/sh by the user asteriskcli. Anything you can cause
Asterisk to run through the dialplan, originate and such would be run by
asteriskd.
So it doesn't buy you much vs. creating a standard user account.
--
Tzafrir Cohen
icq#16849755 jabber:[EMAIL PROTECTED]
+972-50-7952406 mailto:[EMAIL PROTECTED]
http://www.xorcom.com iax:[EMAIL PROTECTED]/tzafrir
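
Added example, not part of the original thread and not Asterisk's own code: since '!' runs as the connecting user, the boundary that matters is who may connect to asterisk.ctl, so this sketch audits the mode and group of that socket. It assumes GNU stat on Linux; the function name, the finding labels and the path shown in the usage comment are hypothetical.

```shell
#!/bin/sh
# Added example: audit who may connect to the Asterisk control socket.
# Assumes GNU stat (Linux). audit_ctl and its output labels are hypothetical.
#
# Usage: audit_ctl /path/to/asterisk.ctl [expected_group]
# Prints one finding per line.
# Returns 0 if clean, 1 if any finding, 2 if the path does not exist.
audit_ctl() {
    path=$1
    want_group=${2:-}

    if [ ! -e "$path" ]; then
        echo "MISSING $path"
        return 2
    fi

    mode=$(stat -c '%a' "$path")     # octal mode, e.g. 660
    group=$(stat -c '%G' "$path")    # owning group name
    findings=0

    # Connecting to a UNIX socket requires write permission on it,
    # so the write bit is the one that grants CLI access.
    other=$(( 0$mode & 7 ))
    grp=$(( (0$mode >> 3) & 7 ))

    # Any local account could attach to the CLI and drive the daemon.
    if [ $(( other & 2 )) -ne 0 ]; then
        echo "WORLD_WRITABLE $path mode=$mode"
        findings=1
    fi

    # Group access is fine only for the group the admin intended.
    if [ -n "$want_group" ] && [ $(( grp & 2 )) -ne 0 ] \
        && [ "$group" != "$want_group" ]; then
        echo "UNEXPECTED_GROUP $path group=$group expected=$want_group"
        findings=1
    fi

    return $findings
}
```
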