From: Russell Bryant <russell@russellbryant.com>
Date: Wed, 14 Mar 2007 16:38:48 +0000 (+0000)
Subject: Add a note to the security file that the Asterisk CLI and log files may contain
X-Git-Tag: 1.2.17~3
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=ae319d34d55bdf1af8124a0cc3edc3e84b832df5;p=thirdparty%2Fasterisk.git

Add a note to the security file that the Asterisk CLI and log files may contain
sensitive information, and that people should keep this in mind.


git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/1.2@58896 65c4cc65-6c06-0410-ace0-fbb531ad65f3
---

diff --git a/SECURITY b/SECURITY
index 3290cba487..0801679cc0 100644
--- a/SECURITY
+++ b/SECURITY
@@ -65,3 +65,9 @@ exten => 6123,Dial(Zap/1)
 DON'T FORGET TO TAKE THE DEMO CONTEXT OUT OF YOUR DEFAULT CONTEXT.  There
 isn't really a security reason, it just will keep people from wanting to 
 play with your Asterisk setup remotely.
+
+* LOG SECURITY
+
+Please note that the Asterisk log files, as well as information printed to the
+Asterisk CLI, may contain sensitive information such as passwords and call 
+history.  Keep this in mind when providing access to these resources.