smrsh(1M)


smrsh -- restricted shell for sendmail

Synopsis

/etc/mail/smrsh -c command

Description

The smrsh program is a replacement for sh for use in the prog mailer in sendmail(1M) configuration files. It limits the choice of commands that can be run using the |program syntax of sendmail, in order to improve the overall security of your system. Briefly, even if an intruder can get sendmail to run a program without going through an alias or forward file, smrsh limits the set of programs the user can execute.

smrsh limits programs to those in the directory /usr/adm/sm.bin, allowing the system administrator to choose the set of acceptable commands, and to the shell builtin commands exec, exit, and echo. It also rejects any commands with the characters \, <, >, |, ;, &, $, (, ), carriage return (<Return>), or newline on the command line to prevent ``end run'' access. It allows ``||'' and ``&&'' to enable constructions similar to the following:

|exec /usr/local/bin/procmail -f- /etc/procmailrcs/user || exit 75

Initial path names on programs are stripped.
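
The filtering rules described above can be modeled in a few lines to check a forward or alias entry before it is deployed. This is an added example, not smrsh source code: the function name smrsh_check and the allowed_programs set are assumptions, and the model compares names against a constructed list instead of testing for an executable file in /usr/adm/sm.bin.

```python
import posixpath
import re

CMDBIN = "/usr/adm/sm.bin"        # default program directory named on the page
REJECTED = set("\\<>|;&$()\r\n")  # characters the page lists as rejected


def smrsh_check(cmdline, allowed_programs):
    """Model of the rules above; returns (accepted, detail).

    cmdline is the text after sendmail's leading "|". allowed_programs is a
    constructed stand-in for the file names an administrator put in CMDBIN.
    On acceptance, detail is the command with program paths rewritten.
    """
    rewritten = []
    # Split on the two permitted operators, keeping them as list items.
    for part in re.split(r"(\|\||&&)", cmdline):
        if part in ("||", "&&"):
            rewritten.append(part)
            continue
        # A lone | or & that was not part of || or && is still rejected here.
        bad = sorted(REJECTED.intersection(part))
        if bad:
            return False, "rejected character %r" % bad[0]
        words = part.split()
        out = []
        if words and words[0] == "exec":   # exec is followed by the program
            out.append(words.pop(0))
        if not words:
            return False, "missing command"
        if words[0] in ("exit", "echo"):   # builtins need no program lookup
            out.extend(words)
        else:
            name = posixpath.basename(words[0])  # initial path is stripped
            if name not in allowed_programs:
                return False, "%s is not in %s" % (name, CMDBIN)
            out.append(CMDBIN + "/" + name)
            out.extend(words[1:])
        rewritten.append(" ".join(out))
    return True, " ".join(rewritten)


if __name__ == "__main__":
    allowed = {"procmail", "vacation"}     # constructed sm.bin contents
    for line in ("exec /usr/local/bin/procmail -f- /etc/procmailrcs/user || exit 75",
                 "/usr/ucb/vacation user",
                 "/bin/sh -c id",
                 "vacation user; /bin/sh"):
        print(smrsh_check(line, allowed), "<-", line)
```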

System administrators should be conservative about populating /usr/adm/sm.bin. Never include any shell or shell-like program such as perl in the sm.bin directory. This does not restrict the use of shell or perl scripts in the sm.bin directory (using the #! syntax); it simply disallows execution of arbitrary programs.

Compilation should be trivial on most systems. You may need to use -DPATH=path to adjust the default search path (defaults to /bin:/usr/bin:/usr/ucb) or -DCMDBIN=dir to change the default program directory (defaults to /usr/adm/sm.bin).

Files


/usr/adm/sm.bin
Directory for restricted programs

References

sendmail(1M)
© 2004 The SCO Group, Inc. All rights reserved.
UnixWare 7 Release 7.1.4 - 25 April 2004