> > If you allow calls to your default context to be relayed back out then > you can be in a position where unregistered entities can use your > machine to make free calls. I guess this is a "security issue". > Certainly that can be an issue that one should be careful of when > setting up a PBX. > > But when I hear the the term "security" and I am on a computer the first > thing that comes to my mind is an attack vector for taking control of > the machine itself. For example an ill-formed packet or sequence of > packets that cause the server application to crash in such a way that > executes part of your packet data left on the stack. > > From your response, I am I correct in believing that the issue is in > allowing guests is in the former (free calls) rather than in the latter > (taking control of your Asterisk box)? > > Thank you for any clarification. > > And, by the way, I was and am still a little take aback by seeing that > everything except a spawned session of mini_httpd runs as root in my > AstLinux box. I would much prefer that Asterisk run as its own > unprivileged user. > > Tod
Yes my own concern was one of preventing unwanted use of PSTN lines in an Asterisk box which was on the internet. Mart ------------------------------------------------------------------------- This SF.Net email is sponsored by the Moblin Your Move Developer's challenge Build the coolest Linux based applications with Moblin SDK & win great prizes Grand prize is a trip for two to an Open Source event anywhere in the world http://moblin-contest.org/redirect.php?banner_id=100&url=/ _______________________________________________ Astlinux-users mailing list Astlinux-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/astlinux-users Donations to support AstLinux are graciously accepted via PayPal to [EMAIL PROTECTED]
