summaryrefslogtreecommitdiffstats
path: root/contrib/sendmail/smrsh/smrsh.8
diff options
context:
space:
mode:
Diffstat (limited to 'contrib/sendmail/smrsh/smrsh.8')
-rw-r--r--contrib/sendmail/smrsh/smrsh.883
1 files changed, 83 insertions, 0 deletions
diff --git a/contrib/sendmail/smrsh/smrsh.8 b/contrib/sendmail/smrsh/smrsh.8
new file mode 100644
index 0000000..067eaf3
--- /dev/null
+++ b/contrib/sendmail/smrsh/smrsh.8
@@ -0,0 +1,83 @@
+.\" Copyright (c) 1998 Sendmail, Inc. All rights reserved.
+.\" Copyright (c) 1993 Eric P. Allman. All rights reserved.
+.\" Copyright (c) 1993
+.\" The Regents of the University of California. All rights reserved.
+.\"
+.\" By using this file, you agree to the terms and conditions set
+.\" forth in the LICENSE file which can be found at the top level of
+.\" the sendmail distribution.
+.\"
+.\"
+.\" @(#)smrsh.8 8.7 (Berkeley) 5/19/98
+.\"
+.TH SMRSH 8 11/02/93
+.SH NAME
+smrsh \- restricted shell for sendmail
+.SH SYNOPSIS
+.B smrsh
+.B \-c
+command
+.SH DESCRIPTION
+The
+.I smrsh
+program is intended as a replacement for
+.I sh
+for use in the ``prog'' mailer in
+.IR sendmail (8)
+configuration files.
+It sharply limits the commands that can be run using the
+``|program'' syntax of
+.I sendmail
+in order to improve the over all security of your system.
+Briefly, even if a ``bad guy'' can get sendmail to run a program
+without going through an alias or forward file,
+.I smrsh
+limits the set of programs that he or she can execute.
+.PP
+Briefly,
+.I smrsh
+limits programs to be in the directory
+/usr/adm/sm.bin,
+allowing the system administrator to choose the set of acceptable commands.
+It also rejects any commands with the characters
+`\`', `<', `>', `|', `;', `&', `$', `(', `)', `\er' (carriage return),
+or `\en' (newline)
+on the command line to prevent ``end run'' attacks.
+.PP
+Initial pathnames on programs are stripped,
+so forwarding to ``/usr/ucb/vacation'',
+``/usr/bin/vacation'',
+``/home/server/mydir/bin/vacation'',
+and
+``vacation''
+all actually forward to
+``/usr/adm/sm.bin/vacation''.
+.PP
+System administrators should be conservative about populating
+/usr/adm/sm.bin.
+Reasonable additions are
+.IR vacation (1),
+.IR procmail (1),
+and the like.
+No matter how brow-beaten you may be,
+never include any shell or shell-like program
+(such as
+.IR perl (1))
+in the
+sm.bin
+directory.
+Note that this does not restrict the use of shell or perl scripts
+in the sm.bin directory (using the ``#!'' syntax);
+it simply disallows execution of arbitrary programs.
+.SH COMPILATION
+Compilation should be trivial on most systems.
+You may need to use \-DPATH=\e"\fIpath\fP\e"
+to adjust the default search path
+(defaults to ``/bin:/usr/bin:/usr/ucb'')
+and/or \-DCMDBIN=\e"\fIdir\fP\e"
+to change the default program directory
+(defaults to ``/usr/adm/sm.bin'').
+.SH FILES
+/usr/adm/sm.bin \- directory for restricted programs
+.SH SEE ALSO
+sendmail(8)
OpenPOWER on IntegriCloud