On 10/6/07, Leif Madsen <[EMAIL PROTECTED]> wrote: > > > Here is a slightly updated version.
[...] Granted, I'm a stickler for edge cases, but one thing that worries me about any all-dialplan solution (especially one that uses System) is the potential for someone to do something malicious with it. Or (and this is probably more likely) an inattentive * admin to shoot themselves in the foot. For example, calling "Voicemail(user@;rm -rf /etc/asterisk)" with app_voicemail will probably blow up in a spectacular way but shouldn't do any real damage to your system. The dialplan-based approach will do "very bad things(tm)". Though implementing as much of this modular VM using existing dialplan functions is a good thing, I'd be more comfortable if the parts that allow user input (even administrator-created user input) to directly manipulate the filesystem were less easy to subvert. Very impressive otherwise though. -- j.
