On Thu, 18 Oct 2012, Rizha Yuherdianto wrote:
3) im root
Glad to meet you.
:D
If you meant the user running Asterisk is root, this is a less than
optimal
situation that can lead to really big problems.
Why? Steve please explain.
Well, if an attacker manages to inject some code and Asterisk is running
as root, poof goes your system or you get an astronomical bill from your
trunk provider.
Likewise with file permissions. Suppose you're trying to get something
working and you suspect it's a permissions issue so you chmod a bunch of
stuff to 777.
Then suppose a local user with a grudge does something like this:
echo '#exec rm --farce --recursive /*'\
>>/etc/asterisk/extensions-local.conf
(or whatever your package names one of it's 'include' files.)
The next time Asterisk reloads the dialplan, poof.
--
Thanks in advance,
-------------------------------------------------------------------------
Steve Edwards [email protected] Voice: +1-760-468-3867 PST
Newline Fax: +1-760-731-3000--
_____________________________________________________________________
-- Bandwidth and Colocation Provided by http://www.api-digital.com --
New to Asterisk? Join us for a live introductory webinar every Thurs:
http://www.asterisk.org/hello
asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
http://lists.digium.com/mailman/listinfo/asterisk-users
