- new version 8.14.3
This commit is contained in:
Thomas Woerner
parent
2efad7aefa
commit
3499507a41
@ -9,3 +9,4 @@ sendmail.8.13.8.tar.gz
|
||||
sendmail.8.14.0.tar.gz
|
||||
sendmail.8.14.1.tar.gz
|
||||
sendmail.8.14.2.tar.gz
|
||||
sendmail.8.14.3.tar.gz
|
||||
|
||||
@ -1,6 +1,7 @@
|
||||
--- sendmail-8.13.2/smrsh/README.smrsh_paths 2003-05-26 06:30:58.000000000 +0200
|
||||
+++ sendmail-8.13.2/smrsh/README 2004-12-17 15:41:48.673691404 +0100
|
||||
@@ -6,7 +6,7 @@
|
||||
diff -up sendmail-8.14.3/smrsh/README.smrsh_paths sendmail-8.14.3/smrsh/README
|
||||
--- sendmail-8.14.3/smrsh/README.smrsh_paths 2008-02-12 17:40:06.000000000 +0100
|
||||
+++ sendmail-8.14.3/smrsh/README 2008-07-15 14:40:36.000000000 +0200
|
||||
@@ -6,7 +6,7 @@ Software Engineering Institute, Carnegie
|
||||
intended as a supplement to the CERT advisory CA-93:16.sendmail.vulnerability,
|
||||
and to the software, smrsh.c, written by Eric Allman.
|
||||
|
||||
@ -9,14 +10,14 @@
|
||||
|
||||
The smrsh(8) program is intended as a replacement for /bin/sh in the
|
||||
program mailer definition of sendmail(8). This README file describes
|
||||
@@ -56,15 +56,15 @@
|
||||
@@ -56,15 +56,15 @@ These can be added to the devtools/Site/
|
||||
global M4 macro confENVDEF or the smrsh specific M4 macro
|
||||
conf_smrsh_ENVDEF.
|
||||
|
||||
-As root, install smrsh in /usr/libexec. Using the Build script:
|
||||
+As root, install smrsh in /usr/sbin. Using the Build script:
|
||||
|
||||
host.domain# sh Build install
|
||||
host.domain# sh ./Build install
|
||||
|
||||
-For manual installation: install smrsh in the /usr/libexec
|
||||
+For manual installation: install smrsh in the /usr/sbin
|
||||
@ -29,7 +30,7 @@
|
||||
|
||||
|
||||
|
||||
@@ -86,7 +86,7 @@
|
||||
@@ -86,7 +86,7 @@ perl(1), uudecode(1) or the stream edito
|
||||
acceptable commands.
|
||||
|
||||
If your platform doesn't have a default SMRSH_CMDDIR setting, you will
|
||||
@ -38,7 +39,7 @@
|
||||
it with the programs that your site feels are allowable for sendmail
|
||||
to execute. This directory is explicitly specified in the source
|
||||
code for smrsh, so changing this directory must be accompanied with
|
||||
@@ -95,22 +95,22 @@
|
||||
@@ -95,22 +95,22 @@ a change in smrsh.c.
|
||||
|
||||
You will have to be root to make these modifications.
|
||||
|
||||
@ -66,7 +67,7 @@
|
||||
sendmail to use the restricted shell. Save the current sendmail.cf
|
||||
file prior to modifying it, as a prudent precaution.
|
||||
|
||||
@@ -125,7 +125,7 @@
|
||||
@@ -125,7 +125,7 @@ help to locate it.
|
||||
|
||||
In order to configure sendmail to use smrsh, you must modify the Mprog
|
||||
definition in the sendmail.cf file, by replacing the /bin/sh specification
|
||||
@ -75,7 +76,7 @@
|
||||
|
||||
As an example:
|
||||
|
||||
@@ -133,14 +133,14 @@
|
||||
@@ -133,14 +133,14 @@ In most Sun Microsystems' sendmail.cf fi
|
||||
Mprog, P=/bin/sh, F=lsDFMeuP, S=10, R=20, A=sh -c $u
|
||||
|
||||
which should be changed to:
|
||||
@ -93,7 +94,7 @@
|
||||
|
||||
|
||||
After modifying the Mprog definition in the sendmail.cf file, if a frozen
|
||||
@@ -151,7 +151,7 @@
|
||||
@@ -151,7 +151,7 @@ or /etc/mail directories. The specific
|
||||
a search of the strings(1) output of the sendmail binary.
|
||||
|
||||
In order to create a new frozen configuration, if it is required:
|
||||
@ -102,29 +103,10 @@
|
||||
|
||||
Now re-start the sendmail process. An example of how to do this on
|
||||
a typical system follows:
|
||||
--- sendmail-8.13.2/smrsh/smrsh.c.smrsh_paths 2004-08-06 20:54:22.000000000 +0200
|
||||
+++ sendmail-8.13.2/smrsh/smrsh.c 2004-12-17 15:41:48.675691131 +0100
|
||||
@@ -77,7 +77,7 @@
|
||||
# ifdef SMRSH_CMDDIR
|
||||
# define CMDDIR SMRSH_CMDDIR
|
||||
# else /* SMRSH_CMDDIR */
|
||||
-# define CMDDIR "/usr/adm/sm.bin"
|
||||
+# define CMDDIR "/etc/smrsh"
|
||||
# endif /* SMRSH_CMDDIR */
|
||||
#endif /* ! CMDDIR */
|
||||
|
||||
@@ -89,7 +89,7 @@
|
||||
# ifdef SMRSH_PATH
|
||||
# define PATH SMRSH_PATH
|
||||
# else /* SMRSH_PATH */
|
||||
-# define PATH "/bin:/usr/bin:/usr/ucb"
|
||||
+# define PATH "/bin:/usr/bin"
|
||||
# endif /* SMRSH_PATH */
|
||||
#endif /* ! PATH */
|
||||
|
||||
--- sendmail-8.13.2/smrsh/smrsh.8.smrsh_paths 2004-08-06 05:55:35.000000000 +0200
|
||||
+++ sendmail-8.13.2/smrsh/smrsh.8 2004-12-17 15:42:56.785371918 +0100
|
||||
@@ -39,7 +39,7 @@
|
||||
diff -up sendmail-8.14.3/smrsh/smrsh.8.smrsh_paths sendmail-8.14.3/smrsh/smrsh.8
|
||||
--- sendmail-8.14.3/smrsh/smrsh.8.smrsh_paths 2004-08-06 05:55:35.000000000 +0200
|
||||
+++ sendmail-8.14.3/smrsh/smrsh.8 2008-07-15 14:38:07.000000000 +0200
|
||||
@@ -39,7 +39,7 @@ Briefly,
|
||||
.I smrsh
|
||||
limits programs to be in a single directory,
|
||||
by default
|
||||
@ -133,7 +115,7 @@
|
||||
allowing the system administrator to choose the set of acceptable commands,
|
||||
and to the shell builtin commands ``exec'', ``exit'', and ``echo''.
|
||||
It also rejects any commands with the characters
|
||||
@@ -56,10 +56,10 @@
|
||||
@@ -56,10 +56,10 @@ so forwarding to ``/usr/ucb/vacation'',
|
||||
and
|
||||
``vacation''
|
||||
all actually forward to
|
||||
@ -146,7 +128,7 @@
|
||||
For example, a reasonable additions is
|
||||
.IR vacation (1),
|
||||
and the like.
|
||||
@@ -68,7 +68,7 @@
|
||||
@@ -68,7 +68,7 @@ never include any shell or shell-like pr
|
||||
(such as
|
||||
.IR perl (1))
|
||||
in the
|
||||
@ -155,7 +137,7 @@
|
||||
directory.
|
||||
Note that this does not restrict the use of shell or perl scripts
|
||||
in the sm.bin directory (using the ``#!'' syntax);
|
||||
@@ -79,20 +79,7 @@
|
||||
@@ -79,20 +79,7 @@ is a very bad idea.
|
||||
.IR procmail (1)
|
||||
allows users to run arbitrary programs in their
|
||||
.IR procmailrc (5).
|
||||
@ -177,3 +159,24 @@
|
||||
+/etc/smrsh \- directory for restricted programs
|
||||
.SH SEE ALSO
|
||||
sendmail(8)
|
||||
diff -up sendmail-8.14.3/smrsh/smrsh.c.smrsh_paths sendmail-8.14.3/smrsh/smrsh.c
|
||||
--- sendmail-8.14.3/smrsh/smrsh.c.smrsh_paths 2004-08-06 20:54:22.000000000 +0200
|
||||
+++ sendmail-8.14.3/smrsh/smrsh.c 2008-07-15 14:38:07.000000000 +0200
|
||||
@@ -77,7 +77,7 @@ SM_IDSTR(id, "@(#)$Id: smrsh.c,v 8.65 20
|
||||
# ifdef SMRSH_CMDDIR
|
||||
# define CMDDIR SMRSH_CMDDIR
|
||||
# else /* SMRSH_CMDDIR */
|
||||
-# define CMDDIR "/usr/adm/sm.bin"
|
||||
+# define CMDDIR "/etc/smrsh"
|
||||
# endif /* SMRSH_CMDDIR */
|
||||
#endif /* ! CMDDIR */
|
||||
|
||||
@@ -89,7 +89,7 @@ SM_IDSTR(id, "@(#)$Id: smrsh.c,v 8.65 20
|
||||
# ifdef SMRSH_PATH
|
||||
# define PATH SMRSH_PATH
|
||||
# else /* SMRSH_PATH */
|
||||
-# define PATH "/bin:/usr/bin:/usr/ucb"
|
||||
+# define PATH "/bin:/usr/bin"
|
||||
# endif /* SMRSH_PATH */
|
||||
#endif /* ! PATH */
|
||||
|
||||
@ -14,8 +14,8 @@
|
||||
|
||||
Summary: A widely used Mail Transport Agent (MTA)
|
||||
Name: sendmail
|
||||
Version: 8.14.2
|
||||
Release: 5%{?dist}
|
||||
Version: 8.14.3
|
||||
Release: 1%{?dist}
|
||||
License: Sendmail
|
||||
Group: System Environment/Daemons
|
||||
URL: http://www.sendmail.org/
|
||||
@ -36,7 +36,7 @@ Source15: sendmail-etc-mail-mailertable
|
||||
Source16: sendmail-etc-mail-trusted-users
|
||||
Source17: sendmail-etc-mail-virtusertable
|
||||
Patch3: sendmail-8.14.0-makemapman.patch
|
||||
Patch4: sendmail-8.13.2-smrsh-paths.patch
|
||||
Patch4: sendmail-8.14.3-smrsh_paths.patch
|
||||
Patch5: sendmail-8.12.2-movefiles.patch
|
||||
Patch7: sendmail-8.13.7-pid.patch
|
||||
Patch9: sendmail-8.12.7-hesiod.patch
|
||||
@ -539,6 +539,9 @@ exit 0
|
||||
|
||||
|
||||
%changelog
|
||||
* Tue Jul 22 2008 Thomas Woerner <twoerner@redhat.com> 8.14.3-1
|
||||
- new version 8.14.3
|
||||
|
||||
* Thu Jul 10 2008 Tom "spot" Callaway <tcallawa@redhat.com> 8.14.2-5
|
||||
- rebuild against db4-4.7
|
||||
|
||||
|
||||
Loading…
Reference in New Issue
Block a user