Paul Davidson wrote:
> All-
>
> I am finishing up a PHP class, that works on astlinux, that can be used
> to build a web based Voicemail interface for the asterisk file-based
> voicemail storage system. I've specifically tuned it for astlinux, as I
> think it makes a nice, lightweight replacement for the Perl based script
> originally written by Mark, which of course will not run on astlinux.
> This class is not based at all on the Perl project, other than the base
> idea. Combined with a basic set of pages to give a user interface to
> the class, it supports on-page playback, email forwarding, and call
> return based on callerid, amoung the basic features.
>
> I do have a couple of questions I'd like to put out to the general
> astlinux community- call it a request for comment- while I am doing my
> cleanups, optimizations, and improving the code quality/readability.
> I'm open for suggestion here:
>
> 1. The primary problem is in the way asterisk stores voicemail- owned by
> the process owner of Asterisk, readable by no one else. Asterisk of
> course runs as root (default config). In order for the web based
> interface to read the voicemail, I have to run the web server under root
> authority- which is a big security concern. While we can lock down the
> web server and php pretty tightly- there are some known exploits, and no
> doubt more will occur in the future. The original Perl script, has the
> same issue, and uses perl modules to adopt necessary authority. I could
> ignore the problem entirely, as most astlinux systems are not (I hope)
> configured to allow web page access from the public Internet, and given
> the design principles, are not configured for large LANs, thus reducing
> the risk- but that doesn't make me happy. If anyone has any other
> suggestions, I'm open to them- while complete, I can rewrite the file
> handling parts if needed. Another solution might be to reconfigure
> Asterisk to run under a different user ID than root, with less
> authority- which wouldn't be a bad strategy for astlinux in general, but
> would represent a significant change to it's current default configuration.
>
> 2. How do I go about getting this into the astlinux stream? For stated
> reasons, I'd like to release it here first. I'm unclear, however, how
> to get it into the distribution, and it does require some per-user
> configuration to work, so it's not a good candidate for rc.conf. I will
> publish it via this list once I'm a little more confident in it's
> ability to work properly, and open it up to all here for code review.
>
> Thanks for any and all comment- and a big thanks to the maintainers of
> astlinux, who make this possible.
>
> -pbd
>
Paul,
This is great, and I'll have some comments for you when I finish up a
few things in a couple hours.
Sounds exciting!
--
Kristian Kielhofner
_______________________________________________
Astlinux-users mailing list
[email protected]
http://lists.kriscompanies.com/mailman/listinfo/astlinux-users
Donations to support AstLinux are graciously accepted via PayPal to [EMAIL
PROTECTED]
