FOP2 listen security hole?

broswellbroswell
in Support
I setup FOP2 so a manager could listen to her sales agents. It works, as expected, but if she clicks on an agent who is not on call (box is green) and then she hits listen, we end up listening on a seemingly random phone conversation in the system.

I have the lastest version of FOP2, PBX in A Flash version 1.6 with 2.8 FreePBX.

Any ideas on how to fix it?

Bob Roswell
<!-- e --><a href="mailto:broswell@syssrc.com">broswell@syssrc.com</a><!-- e -->
(410) 771-5544 ext 4336

Comments

  • nicolasnicolas
    It is not a security hole per se, but the actual behavior of chanspy. You can also hop on calls, etc. The next fop2 release will have the option to pass parameters to chanspy, so you can previously set spygroup for particular extensions and limit the scope to just that group. Or use the e() option for Asterisk 1.6 to enforce channel names.
Sign In or Register to comment.

© Asternic Corp 2024