SMRSH
Section: Maintenance Commands (8)
Updated: 11/02/93
NAME
smrsh - restricted shell for sendmail
SYNOPSIS
smrsh -c command
DESCRIPTION
The smrsh program is intended as a replacement for sh for use in the ``prog'' mailer in sendmail(8) configuration files. It sharply limits the commands that can be run using the ``|program'' syntax of sendmail in order to improve the overall security of your system. Briefly, even if a ``bad guy'' can get sendmail to run a program without going through an alias or forward file, smrsh limits the set of programs that he or she can execute.

Specifically, smrsh limits programs to be in the directory /usr/adm/sm.bin, allowing the system administrator to choose the set of acceptable commands. It also rejects any commands with the characters ``', `<', `>', `|', `;', `&', `$', `(', `)', `\r' (carriage return), or `\n' (newline) on the command line to prevent ``end run'' attacks. Initial pathnames on programs are stripped, so forwarding to ``/usr/ucb/vacation'', ``/usr/bin/vacation'', ``/home/server/mydir/bin/vacation'', and ``vacation'' all actually forward to ``/usr/adm/sm.bin/vacation''.

System administrators should be conservative about populating /usr/adm/sm.bin. Reasonable additions are vacation(1), procmail(1), and the like. No matter how brow-beaten you may be, never include any shell or shell-like program (such as perl(1)) in the sm.bin directory. Note that this does not restrict the use of shell or perl scripts in the sm.bin directory (using the ``#!'' syntax); it simply disallows execution of arbitrary programs.
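The three checks described above (metacharacter rejection, path stripping, and the restricted directory), modelled in Python as an added example; this is not code from sendmail or smrsh, the contents of /usr/adm/sm.bin are a constructed assumption, and the real program's exact parsing is not reproduced:

```python
import posixpath

# Characters the description rejects; \r and \n are carriage return and newline.
REJECTED_CHARS = frozenset("`<>|;&$()\r\n")
CMDBIN = "/usr/adm/sm.bin"  # restricted program directory from FILES

# Assumed for this example: a constructed listing of what an administrator
# put in /usr/adm/sm.bin (the two additions the text calls reasonable).
SAMPLE_SM_BIN = frozenset({"vacation", "procmail"})


class SmrshReject(Exception):
    """Raised where smrsh would refuse to run the command line."""


def smrsh_resolve(command, sm_bin=SAMPLE_SM_BIN, cmdbin=CMDBIN):
    """Return the argv smrsh would run for `command`, or raise SmrshReject.

    Rules, in order: no shell metacharacters anywhere on the line, leading
    path on the program name stripped, program present in the directory.
    """
    bad = REJECTED_CHARS.intersection(command)
    if bad:
        raise SmrshReject("forbidden character(s) %s" % sorted(bad))
    words = command.split()
    if not words:
        raise SmrshReject("empty command")
    prog = posixpath.basename(words[0])  # "/usr/ucb/vacation" -> "vacation"
    if prog not in sm_bin:
        raise SmrshReject("%r is not in %s" % (prog, cmdbin))
    return [posixpath.join(cmdbin, prog)] + words[1:]


def would_run(command, sm_bin=SAMPLE_SM_BIN, cmdbin=CMDBIN):
    """True if smrsh would execute the command line, False if it rejects it."""
    try:
        smrsh_resolve(command, sm_bin, cmdbin)
        return True
    except SmrshReject:
        return False


if __name__ == "__main__":
    # The four forwarding targets from the description, plus two lines the
    # rules exist to stop: an ``end run'' via `;' and a shell-like program.
    for line in ("/usr/ucb/vacation", "/usr/bin/vacation",
                 "/home/server/mydir/bin/vacation", "vacation",
                 "vacation; sh", "/usr/bin/perl -e 1"):
        try:
            print("%-32s -> %s" % (line, " ".join(smrsh_resolve(line))))
        except SmrshReject as err:
            print("%-32s -> rejected: %s" % (line, err))
```

Run directly, the four spellings of vacation from the description all resolve to /usr/adm/sm.bin/vacation, while the `;' line and the perl line are rejected.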
COMPILATION
Compilation should be trivial on most systems. You may need to use -DPATH=\"path\" to adjust the default search path (defaults to ``/bin:/usr/bin:/usr/ucb'') and/or -DCMDBIN=\"dir\" to change the default program directory (defaults to ``/usr/adm/sm.bin'').
FILES
/usr/adm/sm.bin - directory for restricted programs
SEE ALSO
sendmail(8)
This document was created by man2html, using the manual pages.
Time: 10:49:53 GMT, October 03, 2024