SMRSH(8) Maintenance Commands and Procedures SMRSH(8)
NAME
smrsh - restricted shell for sendmail
SYNOPSIS
smrsh -c commandDESCRIPTION
The
smrsh program is intended as a replacement for the
sh command in
the
prog mailer in
sendmail(8) configuration files. The
smrsh program
sharply limits commands that can be run using the
|program syntax of
sendmail. This improves overall system security.
smrsh limits the
set of programs that a programmer can execute, even if
sendmail runs
a program without going through an
alias or
forward file.
Briefly,
smrsh limits programs to be in the directory
/var/adm/sm.bin, allowing system administrators to choose the set of
acceptable commands. It also rejects any commands with the
characters:
,,
<,
>,
|,
;,
&,
$,
\r (RETURN), or
\n (NEWLINE) on the
command line to prevent end run attacks.
Initial pathnames on programs are stripped, so forwarding to
/usr/ucb/vacation,
/usr/bin/vacation,
/home/server/mydir/bin/vacation, and
vacation all actually forward to
/var/adm/sm.bin/vacation.
System administrators should be conservative about populating
/var/adm/sm.bin. Reasonable additions are utilities such as
vacation(1) and
procmail. Never include any shell or shell-like
program (for example,
perl) in the
sm.bin directory. This does not
restrict the use of
shell or
perl scrips in the
sm.bin directory
(using the
#! syntax); it simply disallows the execution of arbitrary
programs.
OPTIONS
The following options are supported:
-c command Where
command is a valid command, executes
command.
FILES
/var/adm/sm.bin directory for restricted programs
SEE ALSO
attributes(7),
sendmail(8) June 20, 2021 SMRSH(8)
