Gateways usage security http://wikipbx.subwiki.com/forum/t-248294/gateways-usage-security Posts in the discussion thread "Gateways usage security" - using gateways of other accounts Mon, 06 Feb 2012 00:41:35 +0000 http://wikipbx.subwiki.com/forum/t-248294#post-810619 Re: Gateways usage security http://wikipbx.subwiki.com/forum/t-248294/gateways-usage-security#post-810619 Thu, 17 Jun 2010 13:27:23 +0000 ledda 497236 Thanks for pointing on this check. I've found it.

]]> http://wikipbx.subwiki.com/forum/t-248294#post-810025 Re: Gateways usage security http://wikipbx.subwiki.com/forum/t-248294/gateways-usage-security#post-810025 Wed, 16 Jun 2010 17:55:48 +0000 stas_shtin 230176 Just checking it would probably be easier than asking… Anyway, there is a security check that happens when freeswitch requests dialplan that looks for this particular issue. User shouldn't be able to use gateways belonging to others.

However, there must be other less obvious ways for malicious user to exploit freeswitch server as he has direct access to generated dialplan. We plan to have a WYSIWYG interface for editing dialplan extensions in the future that would let user to use only safe commands.

]]> http://wikipbx.subwiki.com/forum/t-248294#post-809883 Gateways usage security http://wikipbx.subwiki.com/forum/t-248294/gateways-usage-security#post-809883 Wed, 16 Jun 2010 13:37:23 +0000 ledda 497236 While adding extension, in picklist you can choose "gateway dialout"

It configures extensions with the line like this:
<action application="bridge" data="sofia/gateway/myprovider.com/$1"/>

After that it's possible to edit this line and specify another gateway (e.g. gateway of another account)

Is there any control that every account can use only his own gateways and not gateways of other accounts?

]]>