1 .\" Copyright (c) 1998-2001 Sendmail, Inc. and its suppliers.
2 .\" All rights reserved.
3 .\" Copyright (c) 1993 Eric P. Allman. All rights reserved.
5 .\" The Regents of the University of California. All rights reserved.
7 .\" By using this file, you agree to the terms and conditions set
8 .\" forth in the LICENSE file which can be found at the top level of
9 .\" the sendmail distribution.
12 .\" $Id: smrsh.8,v 8.16 2002/04/25 13:33:40 ca Exp $
14 .TH SMRSH 8 "$Date: 2001/01/24 00:40:47 $"
16 smrsh \- restricted shell for sendmail
24 program is intended as a replacement for
26 for use in the ``prog'' mailer in
29 It sharply limits the commands that can be run using the
30 ``|program'' syntax of
32 in order to improve the over all security of your system.
33 Briefly, even if a ``bad guy'' can get sendmail to run a program
34 without going through an alias or forward file,
36 limits the set of programs that he or she can execute.
40 limits programs to be in a single directory,
43 allowing the system administrator to choose the set of acceptable commands,
44 and to the shell builtin commands ``exec'', ``exit'', and ``echo''.
45 It also rejects any commands with the characters
46 `\`', `<', `>', `;', `$', `(', `)', `\er' (carriage return),
48 on the command line to prevent ``end run'' attacks.
49 It allows ``||'' and ``&&'' to enable commands like:
50 ``"|exec /usr/local/bin/procmail -f- /etc/procmailrcs/user || exit 75"''
52 Initial pathnames on programs are stripped,
53 so forwarding to ``/usr/bin/vacation'',
54 ``/home/server/mydir/bin/vacation'',
57 all actually forward to
58 ``/usr/libexec/sm.bin/vacation''.
60 System administrators should be conservative about populating
62 Reasonable additions are
66 No matter how brow-beaten you may be,
67 never include any shell or shell-like program
73 Note that this does not restrict the use of shell or perl scripts
74 in the sm.bin directory (using the ``#!'' syntax);
75 it simply disallows execution of arbitrary programs.
77 Compilation should be trivial on most systems.
78 You may need to use \-DSMRSH_PATH=\e"\fIpath\fP\e"
79 to adjust the default search path
80 (defaults to ``/bin:/usr/bin'')
81 and/or \-DSMRSH_CMDDIR=\e"\fIdir\fP\e"
82 to change the default program directory
83 (defaults to ``/usr/libexec/sm.bin'').
85 /usr/libexec/sm.bin \- directory for restricted programs
88 .\" $FreeBSD: src/contrib/sendmail/smrsh/smrsh.8,v 1.3.6.5 2002/09/03 01:50:13 gshapiro Exp $