I’m by no means an expert on the FreePBX Distro, but it would appear that the SysAdmin module which is fully integrated into the FreePBX Distribution fails all four of your tests above. I happen to like it anyway. And, as I noted before, that’s perfectly fine. What gives me heartburn is when you begin touting the FreePBX Distro as pure open source code (which it’s not) and slamming others for using something other than “pure GPL.” We clearly label our installers as freeware and define the conditions of use. Nothing precludes installing the PIAF distro without our installers. Many do, and the scripts are freely available on our forums and elsewhere. Is it possible to install the FreePBX Distro without simultaneously loading SysAdmin? I don’t think so. Can it be removed later? Of course. The same goes for our installers. In fact, we remove them automatically.
Anyone wanting to know what’s installed on PIAF systems can easily find it. It’s all laid out in the log. There’s nothing sinister going on despite some of your previous statements. And there are plenty of ways to monitor what’s being installed on your system and to determine whether zombies are either loaded or running on a server. They aren’t as someone with your claimed level of expertise should know!
Anyone wanting to redistribute a copy of PBX in a Flash to a neighbor or a perfect stranger is more than welcome to do so. This can be done by using the ISO images, a backup image of a hard disk, a flash drive ISO, an OpenVZ template, or one of several install scripts that load PIAF on a Linux distribution of the user’s choice using scripts that you are free to modify to your heart’s content.
We don’t recommend redistributing modified versions of any application including ours. It is and always has been fraught with peril. Why? Because you may not know why we did what we did in the first place. Our foremost concern is security. Contrary to your assertions here and elsewhere, it has nothing to do with hiding anything from you or from anybody else.
Here’s the risk. Once people, such as you in another thread on this forum, start recommending that folks tamper with the PIAF security model because of your own theories about security, we draw the line. We adopted the Apache security model after a very real hole was discovered in some very old FreePBX code. It involved the ARI module as I recall. Then another one arose in CDR reports. With the CDR issue, it was possible to compromise a server if certain code was embedded in SIP CallerID records. Philippe quickly fixed both problems, but like everyone else, Philippe acknowledged that there were portions of FreePBX that were written a very long time ago by people that were no longer around. So nobody knew or knows whether all of that old code is secure and bug-free or not. As a result, we opted to switch security models. FreePBX opted to stay the course. That’s fine. We’re comfortable with our model, and others do things differently. The world won’t end!
But, if you change our model or recommend to others running PIAF systems that they change our security model and the system gets compromised, then that becomes your problem, not ours. Frankly, I find it irresponsible to suggest such a change to others without any explanation of the advantages of the alternatives… especially when you don’t know the history behind our adoption of the Apache security model in the first place. It’s especially disturbing because you hold yourself out as an “expert” and someone offering “Official Paid Support” to others. Whether your comments are personal thoughts or not is quite irrelevant under the circumstances.