sunos man page for smrsh

Sunos Man Pages All Man Pages Latest Topics Forum Categories

Query: smrsh

OS: sunos

Section: 1m

Format: Original Unix Latex Style Formatted with HTML and a Horizontal Scroll Bar

smrsh(1M)						  System Administration Commands						 smrsh(1M)


NAME

       smrsh - restricted shell for sendmail


SYNOPSIS

       smrsh  -c command


DESCRIPTION

       The smrsh program is intended as a replacement for the sh command in the prog mailer in sendmail(1M) configuration files. The smrsh program
       sharply limits commands that can be run using the |program syntax of sendmail. This improves overall system security. smrsh limits the  set
       of programs that a programmer can execute, even if sendmail runs a program without going through an alias or forward file.

       Briefly,  smrsh limits programs to be in the directory /var/adm/sm.bin, allowing system administrators to choose the set of acceptable com-
       mands. It also rejects any commands with the characters: ,, <, >, |, ;, &, $, 
 (<RETURN>), or 
 (<NEWLINE>) on the command line to  pre-
       vent end run attacks.

       Initial	pathnames  on  programs  are stripped, so forwarding to /usr/ucb/vacation, /usr/bin/vacation, /home/server/mydir/bin/vacation, and
       vacation all actually forward to/var/adm/sm.bin/vacation.

       System administrators should be conservative about populating /var/adm/sm.bin. Reasonable additions are utilities such as  vacation(1)  and
       procmail.  Never  include  any  shell  or shell-like program (for example, perl) in the sm.bin directory. This does not restrict the use of
       shell or perl scrips in the sm.bin directory (using the #! syntax); it simply disallows the execution of arbitrary programs.


OPTIONS

       The following options are supported:

       -c command

	   Where command is a valid command, executes command.


FILES

       /var/adm/sm.bin	       directory for restricted programs


ATTRIBUTES

       See attributes(5) for descriptions of the following attributes:

       +-----------------------------+-----------------------------+
       |      ATTRIBUTE TYPE	     |	    ATTRIBUTE VALUE	   |
       +-----------------------------+-----------------------------+
       |Availability		     |SUNWcsr, SUNWcsu		   |
       +-----------------------------+-----------------------------+


SEE ALSO

       sendmail(1M), , attributes(5)

SunOS 5.10							    6 Nov 1998								 smrsh(1M)
Related Man Pages
smrsh(8) - debian
vacation(1) - centos
vacation(1) - freebsd
vacation(1) - redhat
vacation.sendmail(1) - debian
Similar Topics in the Unix Linux Community
Printing in Bold
Help required with using system() call
Needed a help in inserting a new line!!!
using awk in perl with split command
Need help on how to execute several programs