Merged revisions 58897 via svnmerge from

https://origsvn.digium.com/svn/asterisk/branches/1.4

................
r58897 | russell | 2007-03-14 11:40:22 -0500 (Wed, 14 Mar 2007) | 11 lines

Merged revisions 58896 via svnmerge from
https://origsvn.digium.com/svn/asterisk/branches/1.2

........
r58896 | russell | 2007-03-14 11:38:48 -0500 (Wed, 14 Mar 2007) | 3 lines

Add a note to the security file that the Asterisk CLI and log files may contain
sensitive information, and that people should keep this in mind.

........

................

git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@58898 65c4cc65-6c06-0410-ace0-fbb531ad65f3

diff --git a/doc/security.txt b/doc/security.txt
index 8abe917..3adf536 100644 (file)
--- a/doc/security.txt
+++ b/doc/security.txt
@@ -72,3 +72,9 @@ exten => 6123,Dial(Zap/1)
 DON'T FORGET TO TAKE THE DEMO CONTEXT OUT OF YOUR DEFAULT CONTEXT.  There
 isn't really a security reason, it just will keep people from wanting to 
 play with your Asterisk setup remotely.
+
+* LOG SECURITY
+
+Please note that the Asterisk log files, as well as information printed to the
+Asterisk CLI, may contain sensitive information such as passwords and call 
+history.  Keep this in mind when providing access to these resources.