smrsh(1M) System Administration Commands smrsh(1M)NAMEsmrsh - restricted shell for sendmail
SYNOPSISsmrsh-c command
DESCRIPTION
The smrsh program is intended as a replacement for the sh command in
the prog mailer in sendmail(1M) configuration files. The smrsh program
sharply limits commands that can be run using the |program syntax of
sendmail. This improves overall system security. smrsh limits the set
of programs that a programmer can execute, even if sendmail runs a pro‐
gram without going through an alias or forward file.
Briefly, smrsh limits programs to be in the directory /var/adm/sm.bin,
allowing system administrators to choose the set of acceptable com‐
mands. It also rejects any commands with the characters: ,, <, >, |, ;,
&, $, \r (<RETURN>), or \n (<NEWLINE>) on the command line to prevent
end run attacks.
Initial pathnames on programs are stripped, so forwarding to
/usr/ucb/vacation, /usr/bin/vacation, /home/server/mydir/bin/vacation,
and vacation all actually forward to/var/adm/sm.bin/vacation.
System administrators should be conservative about populating
/var/adm/sm.bin. Reasonable additions are utilities such as vacation(1)
and procmail. Never include any shell or shell-like program (for exam‐
ple, perl) in the sm.bin directory. This does not restrict the use of
shell or perl scrips in the sm.bin directory (using the #! syntax); it
simply disallows the execution of arbitrary programs.
OPTIONS
The following options are supported:
-c command
Where command is a valid command, executes command.
FILES
/var/adm/sm.bin directory for restricted programs
ATTRIBUTES
See attributes(5) for descriptions of the following attributes:
┌─────────────────────────────┬─────────────────────────────┐
│ ATTRIBUTE TYPE │ ATTRIBUTE VALUE │
├─────────────────────────────┼─────────────────────────────┤
│Availability │SUNWcsr, SUNWcsu │
└─────────────────────────────┴─────────────────────────────┘
SEE ALSOsendmail(1M), , attributes(5)SunOS 5.10 6 Nov 1998 smrsh(1M)