Necessary Privileges

From Pbxnsip Wiki


Requirements

The PBX service needs several system resources to run properly. These resources are:

1. It must be able to tell the system which threads need high priority to keep the service quality up. This includes the delay between the RTP packets, also known as jitter.

2. The PBX must also be able to tag the RTP packets with the right Type of Service (TOS) bits.

3. It must be able to read and write files from and to the file system.

Threats

There are several security risks that you should consider when granting the PBX full access.

  • The PBX may read the file system. The web server first checks if the requested file exists on the file system (however, it does check for absolute paths and upper-level paths). This might introduce security risks. The same problem exists for the tftp server, which reads relative to the tftp directory. You may reduce the risk by not allowing the PBX process to read other directories.
  • The PBX may also write files. If you enable tftp writing, the PBX will write files relative to the tftp directory. However, this option is turned off by default. You may reduce the risk by not allowing the PBX process to write to other directories.
  • The risk of malicious code execution always exists in today’s complex software systems. However, at least there is no feature that allows loading of code into the PBX, which should significantly reduce that risk compared to other approaches. The risk of memory exploits should also be quite low, as the PBX uses managed memory, where access outside of the allocated memory is not possible.

Linux

You can easily fulfill all requirements if you run the process as root.

If you want to limit the access rights of the service, you may also run it under a different account. However, in this case you must make sure that this user has the privileges needed to meet the above requirements. Because the PBX will still work even without the scheduling and TOS privileges, you should check whether the PBX was able to increase the priority for at least one thread and whether the RTP packets sent by the PBX contain the TOS bits.
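One way to carry out both checks on Linux, given here as an added example that is not part of the original wiki page or the PBX software. It assumes that "high priority" shows up as either a real-time scheduling policy or a negative nice value, and that you pass in the raw IPv4 header of a captured RTP packet; the sample data is constructed.

```python
import os
import sys

RT_POLICIES = {1: "SCHED_FIFO", 2: "SCHED_RR"}  # policy numbers from <sched.h>

def parse_task_stat(line):
    """Return (nice, rt_priority, policy) from a /proc/<pid>/task/<tid>/stat line."""
    # comm (field 2) may contain spaces or ')', so split after the last ')'.
    rest = line.rsplit(")", 1)[1].split()
    # rest[0] is field 3 (state), so field N of proc(5) is rest[N - 3].
    return int(rest[16]), int(rest[37]), int(rest[38])

def is_elevated(nice, rt_priority, policy):
    """Assumption: raised priority means a real-time policy or a negative nice."""
    return policy in RT_POLICIES or nice < 0

def elevated_threads(pid, proc="/proc"):
    """Return {tid: (nice, rt_priority, policy)} for threads with raised priority."""
    found = {}
    task_dir = os.path.join(proc, str(pid), "task")
    for tid in os.listdir(task_dir):
        with open(os.path.join(task_dir, tid, "stat")) as fh:
            info = parse_task_stat(fh.read())
        if is_elevated(*info):
            found[int(tid)] = info
    return found

def ipv4_tos(header):
    """Return (tos, dscp) from the raw IPv4 header bytes of a captured packet."""
    if len(header) < 20 or header[0] >> 4 != 4:
        raise ValueError("not an IPv4 header")
    return header[1], header[1] >> 2

# Constructed samples, not taken from a real PBX: a SCHED_RR thread with
# rt_priority 10, and a UDP/IPv4 header whose TOS byte is 0xb8.
SAMPLE_RT_STAT = ("4242 (pbx rtp) S 1 4242 4242 0 -1 4194560 120 0 0 0 15 7 0 0 "
                  "-11 0 5 0 88211 104857600 2048 18446744073709551615 1 1 0 0 0 "
                  "0 0 4096 0 0 0 0 17 2 10 2 0 0 0")
SAMPLE_RTP_IP_HEADER = bytes.fromhex("45b800c80000400040110000c000020ac0000214")

if __name__ == "__main__":
    threads = elevated_threads(int(sys.argv[1]))  # argument: PID of the PBX
    for tid, (nice, rtprio, policy) in sorted(threads.items()):
        print(f"tid={tid} policy={RT_POLICIES.get(policy, policy)} "
              f"rtprio={rtprio} nice={nice}")
    print("TOS/DSCP of sample header:", ipv4_tos(SAMPLE_RTP_IP_HEADER))
    sys.exit(0 if threads else 1)  # non-zero: no thread got raised priority
```

Run it with the PID of the PBX process as the only argument; an empty result or a TOS byte of zero means the account lacks the corresponding privilege.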

Windows

In Windows, you usually fulfill these requirements if you run the service as the local system administrator. It is not necessary that the service interacts with the desktop.

As in Linux, you may also run the PBX in a different account. And as in Linux, you must make sure that the PBX has the necessary privileges to perform its duty.
