On Wed, Jul 07, 2010 at 09:06:26AM -0700, Steve Edwards wrote:
> On Wed, 7 Jul 2010, Faisal Hanif wrote:
>
> > 2nd option is by enabling execincludes=yes in asterisk.conf you can use
> > #exec in any of asterisk conf file to call any external application and
> > asterisk will use configuration returned by that external application
> > and will treat it same as in static file. Here you again have full power
> > of programming language in you hand.
>
> Won't "show dialplan," "sip show [peers|users]," etc. and a bit of
> scripting undo most of this "security."
Yeah. I was about to suggest stupid things such as '#exec rot13 <realconffile'
and using realtime. But then again, Asterisk will eventually know. If
one has any reasonable control over asterisk, one can get the
information Asterisk knows.
Or alternatively, read the information in the same way Asterisk would
read them, and using the same credentials.
--
Tzafrir Cohen
icq#16849755 jabber:tzafrir.co...@xorcom.com
+972-50-7952406 mailto:tzafrir.co...@xorcom.com
http://www.xorcom.com iax:gu...@local.xorcom.com/tzafrir
--
_____________________________________________________________________
-- Bandwidth and Colocation Provided by http://www.api-digital.com --
New to Asterisk? Join us for a live introductory webinar every Thurs:
http://www.asterisk.org/hello
asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
http://lists.digium.com/mailman/listinfo/asterisk-users
