Post a Reply
1232 views

FOP2 listen security hole?

  1. 14 years ago

    broswell

    28 Oct 2010

    I setup FOP2 so a manager could listen to her sales agents. It works, as expected, but if she clicks on an agent who is not on call (box is green) and then she hits listen, we end up listening on a seemingly random phone conversation in the system.

    I have the lastest version of FOP2, PBX in A Flash version 1.6 with 2.8 FreePBX.

    Any ideas on how to fix it?

    Bob Roswell
    <!-- e --><a href="mailto:[email protected]">[email protected]</a><!-- e -->
    (410) 771-5544 ext 4336

  2. admin

    28 Oct 2010 Administrator

    It is not a security hole per se, but the actual behavior of chanspy. You can also hop on calls, etc. The next fop2 release will have the option to pass parameters to chanspy, so you can previously set spygroup for particular extensions and limit the scope to just that group. Or use the e() option for Asterisk 1.6 to enforce channel names.

or Sign Up to reply!