SMRSH(8) Maintenance Procedures SMRSH(8)
NAME
smrsh - restricted shell for sendmail
SYNOPSIS
smrsh -c commandDESCRIPTION
The
smrsh program is intended as a replacement for the
sh command in the
prog mailer in
sendmail(8) configuration files. The
smrsh program sharply
limits commands that can be run using the
|program syntax of
sendmail.
This improves overall system security.
smrsh limits the set of programs
that a programmer can execute, even if
sendmail runs a program without
going through an
alias or
forward file.
Briefly,
smrsh limits programs to be in the directory
/var/adm/sm.bin,
allowing system administrators to choose the set of acceptable commands.
It also rejects any commands with the characters:
,,
<,
>,
|,
;,
&,
$,
\r (RETURN), or
\n (NEWLINE) on the command line to prevent end run attacks.
Initial pathnames on programs are stripped, so forwarding to
/usr/ucb/vacation,
/usr/bin/vacation,
/home/server/mydir/bin/vacation,
and
vacation all actually forward to
/var/adm/sm.bin/vacation.
System administrators should be conservative about populating
/var/adm/sm.bin. Reasonable additions are utilities such as
vacation(1) and
procmail. Never include any shell or shell-like program (for example,
perl) in the
sm.bin directory. This does not restrict the use of
shell or
perl scrips in the
sm.bin directory (using the
#! syntax); it simply
disallows the execution of arbitrary programs.
OPTIONS
The following options are supported:
-c command Where
command is a valid command, executes
command.
FILES
/var/adm/sm.bin directory for restricted programs
SEE ALSO
attributes(7),
sendmail(8) June 20, 2021
SMRSH(8)