SMRSH(8)                                                                                                                SMRSH(8)



NAME
       smrsh - restricted shell for sendmail

SYNOPSIS
       smrsh -c command

DESCRIPTION
       The  smrsh program is intended as a replacement for sh for use in the ``prog'' mailer in sendmail(8) configuration files.
       It sharply limits the commands that can be run using the ``|program'' syntax of sendmail in order to improve the overall
       security of your system.  Briefly, even if a ``bad guy'' can get sendmail to run a program without going through an alias
       or forward file, smrsh limits the set of programs that he or she can execute.

       Specifically, smrsh limits programs to those in a single directory, by default /etc/smrsh, allowing the system
       administrator to choose the set of acceptable commands, and to the shell builtin commands ``exec'', ``exit'', and
       ``echo''.  It also rejects any command with the characters ``', `<', `>', `;', `$', `(', `)', `\r' (carriage return),
       or `\n' (newline) on the command line to prevent ``end run'' attacks.  It allows ``||'' and ``&&'' to enable commands
       like: ``"|exec /usr/local/bin/filter || exit 75"''

       Initial  pathnames  on  programs  are  stripped,   so   forwarding   to   ``/usr/ucb/vacation'',   ``/usr/bin/vacation'',
       ``/home/server/mydir/bin/vacation'', and ``vacation'' all actually forward to ``/etc/smrsh/vacation''.
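
The rules above can be modelled in a few lines to pre-check an alias or forward entry. This is an added example, not smrsh's own code: it follows only what this page states, the function name `resolve` and the sample command lines are constructed, and refusing a lone `|` or `&` is an assumption drawn from the page naming only the doubled forms as allowed.

```python
import os
import re

SMRSH_DIR = "/etc/smrsh"             # default directory named on this page
BUILTINS = ("exec", "exit", "echo")  # shell builtins the page says are allowed
FORBIDDEN = set("`<>;$()\r\n")       # characters the page says are rejected


def resolve(cmdline, bindir=SMRSH_DIR):
    """Model of the page's rules: return what would run, or raise ValueError."""
    bad = FORBIDDEN & set(cmdline)
    if bad:
        raise ValueError("rejected characters: %s" % sorted(bad))
    targets = []
    # "||" and "&&" are the only separators the page describes as allowed.
    for part in re.split(r"\|\||&&", cmdline):
        # Assumption: a lone "|" or "&" left over after the split is refused.
        if "|" in part or "&" in part:
            raise ValueError("lone | or & in %r" % part.strip())
        words = part.split()
        if words and words[0] == "exec":
            words = words[1:]              # "exec prog" runs prog
        if not words:
            raise ValueError("empty command")
        if words[0] in BUILTINS:
            targets.append(words[0])       # builtin, no file lookup
            continue
        name = os.path.basename(words[0])  # initial pathname is stripped
        if name in ("", ".", ".."):
            raise ValueError("no program name in %r" % words[0])
        targets.append(os.path.join(bindir, name))
    return targets


if __name__ == "__main__":
    # Constructed sample command lines, as they would be passed to "smrsh -c".
    samples = [
        "/usr/ucb/vacation jdoe",
        "exec /usr/local/bin/filter || exit 75",
        "vacation jdoe; /bin/sh",
        "vacation jdoe | /bin/sh",
    ]
    for s in samples:
        try:
            print("%-42r -> %s" % (s, resolve(s)))
        except ValueError as err:
            print("%-42r -> REJECTED (%s)" % (s, err))
```

Every accepted entry resolves to a file under /etc/smrsh, so what that directory contains is the whole allow-list.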

       System administrators should be conservative about populating the /etc/smrsh directory.  For example, reasonable
       additions are vacation(1) and the like.  No matter how brow-beaten you may be, never include any shell or shell-like program
       (such  as perl(1)) in the /etc/smrsh directory.  Note that this does not restrict the use of shell or perl scripts in the
       sm.bin directory (using the ``#!'' syntax); it simply disallows execution of arbitrary programs.   Also,  including  mail
       filtering  programs  such as procmail(1) is a very bad idea.  procmail(1) allows users to run arbitrary programs in their
       procmailrc(5).

FILES
       /etc/smrsh - directory for restricted programs

SEE ALSO
       sendmail(8)



                                                  $Date: 2004/08/06 03:55:35 $                                          SMRSH(8)
