I am going to chime in on this one as I find the end result to be of interest to me ... My opinion on this is that we should be shooting long term for a "user panel" and an "admin panel" ... I see no reason why we could not call the admin panel as "https://<ip-address>/admin" and the user panel as "https://<ip-address>/user" ... This should allow them to use the same instance of the web server ... Just point them at different start folders ...
Initially the user panel will provide web access to voicemail (which is a nice feature) ... But in future, would be real nice if this user panel could be expanded to do other user oriented things such as let them enter a forwarding phone number ... Am sure others will have a number of things they would like a user to be able to manage on their own from this interface ... Just as the admin panel now requires authentication, I assume the user panel should also ... Would be nice if the authentication could be bounced off voicemail.conf for validation ... This would mean that the extension number would be the valid user and the voicemail password would be the logon password ... I assume that this or something similar is the plan ... Anyway, thats one opinion from the peanut gallery ... As it happens, I maintain two Aslinux servers on a test bench specifically for the purpose of testing new functionality ... Once this thing is at the point where you think it is ready for the idiot test, I am a willing and able idiot ... I am having a wonderful time right now proving how NOT TO implement the blue tooth functionality ... If it can be broken or screwed up in any way, I can do it ... Just let me know when you are ready ... G.Hendershot -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Kristian Kielhofner Sent: Wednesday, October 18, 2006 10:08 AM To: Discussion of AstLinux - Asterisk on Compact Flash Subject: Re: [Astlinux-users] RFC: New PHP based module for Voicemail Paul Davidson wrote: > All- > > I am finishing up a PHP class, that works on astlinux, that can be > used to build a web based Voicemail interface for the asterisk > file-based voicemail storage system. I've specifically tuned it for > astlinux, as I think it makes a nice, lightweight replacement for the > Perl based script originally written by Mark, which of course will not run on astlinux. > This class is not based at all on the Perl project, other than the > base idea. Combined with a basic set of pages to give a user > interface to the class, it supports on-page playback, email > forwarding, and call return based on callerid, amoung the basic features. > > I do have a couple of questions I'd like to put out to the general > astlinux community- call it a request for comment- while I am doing my > cleanups, optimizations, and improving the code quality/readability. > I'm open for suggestion here: > > 1. The primary problem is in the way asterisk stores voicemail- owned > by the process owner of Asterisk, readable by no one else. Asterisk > of course runs as root (default config). In order for the web based > interface to read the voicemail, I have to run the web server under > root > authority- which is a big security concern. While we can lock down > the web server and php pretty tightly- there are some known exploits, > and no doubt more will occur in the future. The original Perl script, > has the same issue, and uses perl modules to adopt necessary > authority. I could ignore the problem entirely, as most astlinux > systems are not (I hope) configured to allow web page access from the > public Internet, and given the design principles, are not configured > for large LANs, thus reducing the risk- but that doesn't make me > happy. If anyone has any other suggestions, I'm open to them- while > complete, I can rewrite the file handling parts if needed. Another > solution might be to reconfigure Asterisk to run under a different > user ID than root, with less > authority- which wouldn't be a bad strategy for astlinux in general, > but would represent a significant change to it's current default configuration. > > 2. How do I go about getting this into the astlinux stream? For > stated reasons, I'd like to release it here first. I'm unclear, > however, how to get it into the distribution, and it does require some > per-user configuration to work, so it's not a good candidate for > rc.conf. I will publish it via this list once I'm a little more > confident in it's ability to work properly, and open it up to all here for code review. > > Thanks for any and all comment- and a big thanks to the maintainers of > astlinux, who make this possible. > > -pbd > Paul, First of all, thank you very much for taking the time to develop this. The perl script (vmail) was not usable on AstLinux and had some issues in general. I'm glad someone came along to work on this in PHP (which works in AstLinux, too). 1) This is the primary problem. In AstLinux, we have a couple of options. First of all, there are two web servers that run - one uses https and runs as root by default (this is because it hosts the admin interface and needs to write files). The other is HTTP only and runs as "nobody" by default. Depending on whether you think this needs to use HTTP or HTTPS, there might not be that many issues... Regarding running Asterisk as root in AstLinux... I have thought a lot about this. Asterisk runs as root in AstLinux because on most of these systems (Soekris, etc) we need need kernel preemption. Without it, the main goal of AstLinux - to create a PBX - would suffer. The security concerns with this don't really bother me all that much. Given that AstLinux systems are designed to run Asterisk as the primary function, if someone hacks Asterisk (whether root or not) they can cause a significant amount of damage, and destroy the ability for the system to process calls - it's primary function. However, I can see why in some cases it would be better to run it as a non-privileged user (asterisk, for instance). I should add an rc.conf option for this. 1a) Scenario 1 - run your script in the HTTPS root (as root). It will just work :) 1b) Scenario 2 - run your script in the HTTP root as nobody. You could then write a shell script that could be run by Asterisk (voicemail.conf externnotify) to make the files "770 root:nobody" so that they could be modified by Asterisk and your PHP script, run by the web server as nobody. This would be the simplest, most relatively secure way to implement this. 1c) Scenario 3 - Start yet another httpd process on an alternate port for user voicemail access (run as a totally separate user - vmail or something). Same issues as above (run externnotify). This would require the most changes to AstLinux and would require most of the mods from "b" above (externnotify, etc). This combined with a new rc.conf option for running Asterisk as a separate user could be pretty neat. 2) Easy! Send it to me (or the list) and we'll check it out. If everything is good, I will include it in AstLinux SVN, probably as a build option to Asterisk. Thanks again! This is very cool! -- Kristian Kielhofner _______________________________________________ Astlinux-users mailing list [email protected] http://lists.kriscompanies.com/mailman/listinfo/astlinux-users Donations to support AstLinux are graciously accepted via PayPal to [EMAIL PROTECTED] _______________________________________________ Astlinux-users mailing list [email protected] http://lists.kriscompanies.com/mailman/listinfo/astlinux-users Donations to support AstLinux are graciously accepted via PayPal to [EMAIL PROTECTED]
