On 5/2/07, Salvatore Giudice <[EMAIL PROTECTED]> wrote:
If you run it on the fly, doesn't that mean that the Asterisk user will have permissions to configure VPN's? Nobody sees a problem with that? I thinking that if you knock over the Asterisk service and get shell execution rights as Asterisk, you could be able to start tunnels for things other than voice. It's like giving a hacker a great way to hide their activities from your IDS without having to bother to get root first to install an encrypted data pipe.
That's true, the asterisk user needs to be able to invoke the "start_vpn" script or program. That does not mean that the asterisk user will have to have superuser rights to configure VPNs. You could make the start_vpn program setuid to a user that has those rights (and in that case, you probably don't want start_vpn to be a script). Also, openvpn typically starts "predefined" VPNs. To define a new one, someone would have to have access to the file system. When you say "knock over the Asterisk servoce and get shell execution rights", how would that happen, exactly? I can think of DoS attacks and other stuff, but am wondering how "knocking over Asterisk" will give someone shell execution rights? As I said above, you would want to make the function to start a VPN connection as safe as possible. That would include NOT using scripts, and employing other verification methods. _______________________________________________ --Bandwidth and Colocation provided by Easynews.com -- asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
