sunos man page for smrsh

Sunos Man Pages All Man Pages Latest Topics Forum Categories

Query: smrsh

OS: sunos

Section: 1m

Format: Original Unix Latex Style Formatted with HTML and a Horizontal Scroll Bar

smrsh(1M)						  System Administration Commands						 smrsh(1M)


NAME

       smrsh - restricted shell for sendmail


SYNOPSIS

       smrsh  -c command


DESCRIPTION

       The smrsh program is intended as a replacement for the sh command in the prog mailer in sendmail(1M) configuration files. The smrsh program
       sharply limits commands that can be run using the |program syntax of sendmail. This improves overall system security. smrsh limits the  set
       of programs that a programmer can execute, even if sendmail runs a program without going through an alias or forward file.

       Briefly,  smrsh limits programs to be in the directory /var/adm/sm.bin, allowing system administrators to choose the set of acceptable com-
       mands. It also rejects any commands with the characters: ,, <, >, |, ;, &, $, 
 (<RETURN>), or 
 (<NEWLINE>) on the command line to  pre-
       vent end run attacks.

       Initial	pathnames  on  programs  are stripped, so forwarding to /usr/ucb/vacation, /usr/bin/vacation, /home/server/mydir/bin/vacation, and
       vacation all actually forward to/var/adm/sm.bin/vacation.

       System administrators should be conservative about populating /var/adm/sm.bin. Reasonable additions are utilities such as  vacation(1)  and
       procmail.  Never  include  any  shell  or shell-like program (for example, perl) in the sm.bin directory. This does not restrict the use of
       shell or perl scrips in the sm.bin directory (using the #! syntax); it simply disallows the execution of arbitrary programs.


OPTIONS

       The following options are supported:

       -c command

	   Where command is a valid command, executes command.


FILES

       /var/adm/sm.bin	       directory for restricted programs


ATTRIBUTES

       See attributes(5) for descriptions of the following attributes:

       +-----------------------------+-----------------------------+
       |      ATTRIBUTE TYPE	     |	    ATTRIBUTE VALUE	   |
       +-----------------------------+-----------------------------+
       |Availability		     |SUNWcsr, SUNWcsu		   |
       +-----------------------------+-----------------------------+


SEE ALSO

       sendmail(1M), , attributes(5)

SunOS 5.10							    6 Nov 1998								 smrsh(1M)
Related Man Pages
smrsh(1m) - sunos
smrsh(8) - redhat
forward(4) - osf1
mailstats(8) - osf1
vacation(1) - centos
Similar Topics in the Unix Linux Community
How Much Vacation Do You Take Every Year?
Help required with using system() call
runlevel issue
Need help on how to execute several programs
Error attempting to run alsamixer