SMRSH(8) Maintenance Procedures SMRSH(8)


smrsh - restricted shell for sendmail


smrsh -c command


The smrsh program is intended as a replacement for the sh command in the
prog mailer in sendmail(8) configuration files. The smrsh program sharply
limits commands that can be run using the |program syntax of sendmail.
This improves overall system security. smrsh limits the set of programs
that a programmer can execute, even if sendmail runs a program without
going through an alias or forward file.

Briefly, smrsh limits programs to be in the directory /var/adm/sm.bin,
allowing system administrators to choose the set of acceptable commands.
It also rejects any commands with the characters: ,, <, >, |, ;, &, $, \r
(RETURN), or \n (NEWLINE) on the command line to prevent end run attacks.

Initial pathnames on programs are stripped, so forwarding to
/usr/ucb/vacation, /usr/bin/vacation, /home/server/mydir/bin/vacation,
and vacation all actually forward to /var/adm/sm.bin/vacation.

System administrators should be conservative about populating
/var/adm/sm.bin. Reasonable additions are utilities such as vacation(1)
and procmail. Never include any shell or shell-like program (for example,
perl) in the sm.bin directory. This does not restrict the use of shell or
perl scrips in the sm.bin directory (using the #! syntax); it simply
disallows the execution of arbitrary programs.


The following options are supported:

-c command
Where command is a valid command, executes command.


directory for restricted programs


attributes(7), sendmail(8)

June 20, 2021 SMRSH(8)