183 lines
6.6 KiB
Diff
183 lines
6.6 KiB
Diff
diff -up sendmail-8.14.3/smrsh/README.smrsh_paths sendmail-8.14.3/smrsh/README
|
|
--- sendmail-8.14.3/smrsh/README.smrsh_paths 2008-02-12 17:40:06.000000000 +0100
|
|
+++ sendmail-8.14.3/smrsh/README 2008-07-15 14:40:36.000000000 +0200
|
|
@@ -6,7 +6,7 @@ Software Engineering Institute, Carnegie
|
|
intended as a supplement to the CERT advisory CA-93:16.sendmail.vulnerability,
|
|
and to the software, smrsh.c, written by Eric Allman.
|
|
|
|
-
|
|
+* Modified by Red Hat, Inc., to reflect different paths. *
|
|
|
|
The smrsh(8) program is intended as a replacement for /bin/sh in the
|
|
program mailer definition of sendmail(8). This README file describes
|
|
@@ -56,15 +56,15 @@ These can be added to the devtools/Site/
|
|
global M4 macro confENVDEF or the smrsh specific M4 macro
|
|
conf_smrsh_ENVDEF.
|
|
|
|
-As root, install smrsh in /usr/libexec. Using the Build script:
|
|
+As root, install smrsh in /usr/sbin. Using the Build script:
|
|
|
|
host.domain# sh ./Build install
|
|
|
|
-For manual installation: install smrsh in the /usr/libexec
|
|
+For manual installation: install smrsh in the /usr/sbin
|
|
directory, with mode 511.
|
|
|
|
- host.domain# mv smrsh /usr/libexec
|
|
- host.domain# chmod 511 /usr/libexec/smrsh
|
|
+ host.domain# mv smrsh /usr/sbin
|
|
+ host.domain# chmod 511 /usr/sbin/smrsh
|
|
|
|
|
|
|
|
@@ -86,7 +86,7 @@ perl(1), uudecode(1) or the stream edito
|
|
acceptable commands.
|
|
|
|
If your platform doesn't have a default SMRSH_CMDDIR setting, you will
|
|
-next need to create the directory /usr/adm/sm.bin and populate
|
|
+next need to create the directory /etc/smrsh and populate
|
|
it with the programs that your site feels are allowable for sendmail
|
|
to execute. This directory is explicitly specified in the source
|
|
code for smrsh, so changing this directory must be accompanied with
|
|
@@ -95,22 +95,22 @@ a change in smrsh.c.
|
|
|
|
You will have to be root to make these modifications.
|
|
|
|
-After creating the /usr/adm/sm.bin directory, either copy the programs
|
|
+After creating the /etc/smrsh directory, either copy the programs
|
|
to the directory, or establish links to the allowable programs from
|
|
-/usr/adm/sm.bin. Change the file permissions, so that these programs
|
|
+/etc/smrsh. Change the file permissions, so that these programs
|
|
can not be modified by non-root users. If you use links, you should
|
|
ensure that the target programs are not modifiable.
|
|
|
|
To allow the popular vacation(1) program by creating a link in the
|
|
-/usr/adm/sm.bin directory, you should:
|
|
+/etc/smrsh directory, you should:
|
|
|
|
- host.domain# cd /usr/adm/sm.bin
|
|
+ host.domain# cd /etc/smrsh
|
|
host.domain# ln -s /usr/ucb/vacation vacation
|
|
|
|
|
|
|
|
|
|
-After populating the /usr/adm/sm.bin directory, you can now configure
|
|
+After populating the /etc/smrsh directory, you can now configure
|
|
sendmail to use the restricted shell. Save the current sendmail.cf
|
|
file prior to modifying it, as a prudent precaution.
|
|
|
|
@@ -125,7 +125,7 @@ help to locate it.
|
|
|
|
In order to configure sendmail to use smrsh, you must modify the Mprog
|
|
definition in the sendmail.cf file, by replacing the /bin/sh specification
|
|
-with /usr/libexec/smrsh.
|
|
+with /usr/sbin/smrsh.
|
|
|
|
As an example:
|
|
|
|
@@ -133,14 +133,14 @@ In most Sun Microsystems' sendmail.cf fi
|
|
Mprog, P=/bin/sh, F=lsDFMeuP, S=10, R=20, A=sh -c $u
|
|
|
|
which should be changed to:
|
|
-Mprog, P=/usr/libexec/smrsh, F=lsDFMeuP, S=10, R=20, A=sh -c $u
|
|
- ^^^^^^^^^^^^^^^^^^
|
|
+Mprog, P=/usr/sbin/smrsh, F=lsDFMeuP, S=10, R=20, A=sh -c $u
|
|
+ ^^^^^^^^^^^^^^^^
|
|
|
|
A more generic line may be:
|
|
Mprog, P=/bin/sh, F=lsDFM, A=sh -c $u
|
|
|
|
and should be changed to;
|
|
-Mprog, P=/usr/libexec/smrsh, F=lsDFM, A=sh -c $u
|
|
+Mprog, P=/usr/sbin/smrsh, F=lsDFM, A=sh -c $u
|
|
|
|
|
|
After modifying the Mprog definition in the sendmail.cf file, if a frozen
|
|
@@ -151,7 +151,7 @@ or /etc/mail directories. The specific
|
|
a search of the strings(1) output of the sendmail binary.
|
|
|
|
In order to create a new frozen configuration, if it is required:
|
|
- host.domain# /usr/lib/sendmail -bz
|
|
+ host.domain# /usr/sbin/sendmail -bz
|
|
|
|
Now re-start the sendmail process. An example of how to do this on
|
|
a typical system follows:
|
|
diff -up sendmail-8.14.3/smrsh/smrsh.8.smrsh_paths sendmail-8.14.3/smrsh/smrsh.8
|
|
--- sendmail-8.14.3/smrsh/smrsh.8.smrsh_paths 2004-08-06 05:55:35.000000000 +0200
|
|
+++ sendmail-8.14.3/smrsh/smrsh.8 2008-07-15 14:38:07.000000000 +0200
|
|
@@ -39,7 +39,7 @@ Briefly,
|
|
.I smrsh
|
|
limits programs to be in a single directory,
|
|
by default
|
|
-/usr/adm/sm.bin,
|
|
+/etc/smrsh,
|
|
allowing the system administrator to choose the set of acceptable commands,
|
|
and to the shell builtin commands ``exec'', ``exit'', and ``echo''.
|
|
It also rejects any commands with the characters
|
|
@@ -56,10 +56,10 @@ so forwarding to ``/usr/ucb/vacation'',
|
|
and
|
|
``vacation''
|
|
all actually forward to
|
|
-``/usr/adm/sm.bin/vacation''.
|
|
+``/etc/smrsh/vacation''.
|
|
.PP
|
|
System administrators should be conservative about populating
|
|
-the sm.bin directory.
|
|
+the /etc/smrsh directory.
|
|
For example, a reasonable additions is
|
|
.IR vacation (1),
|
|
and the like.
|
|
@@ -68,7 +68,7 @@ never include any shell or shell-like pr
|
|
(such as
|
|
.IR perl (1))
|
|
in the
|
|
-sm.bin
|
|
+/etc/smrsh
|
|
directory.
|
|
Note that this does not restrict the use of shell or perl scripts
|
|
in the sm.bin directory (using the ``#!'' syntax);
|
|
@@ -79,20 +79,7 @@ is a very bad idea.
|
|
.IR procmail (1)
|
|
allows users to run arbitrary programs in their
|
|
.IR procmailrc (5).
|
|
-.SH COMPILATION
|
|
-Compilation should be trivial on most systems.
|
|
-You may need to use \-DSMRSH_PATH=\e"\fIpath\fP\e"
|
|
-to adjust the default search path
|
|
-(defaults to ``/bin:/usr/bin:/usr/ucb'')
|
|
-and/or \-DSMRSH_CMDDIR=\e"\fIdir\fP\e"
|
|
-to change the default program directory
|
|
-(defaults to ``/usr/adm/sm.bin'').
|
|
.SH FILES
|
|
-/usr/adm/sm.bin \- default directory for restricted programs on most OSs
|
|
-.PP
|
|
-/var/adm/sm.bin \- directory for restricted programs on HP UX and Solaris
|
|
-.PP
|
|
-/usr/libexec/sm.bin \- directory for restricted programs on FreeBSD (>= 3.3) and DragonFly BSD
|
|
-
|
|
+/etc/smrsh \- directory for restricted programs
|
|
.SH SEE ALSO
|
|
sendmail(8)
|
|
diff -up sendmail-8.14.3/smrsh/smrsh.c.smrsh_paths sendmail-8.14.3/smrsh/smrsh.c
|
|
--- sendmail-8.14.3/smrsh/smrsh.c.smrsh_paths 2004-08-06 20:54:22.000000000 +0200
|
|
+++ sendmail-8.14.3/smrsh/smrsh.c 2008-07-15 14:38:07.000000000 +0200
|
|
@@ -77,7 +77,7 @@ SM_IDSTR(id, "@(#)$Id: smrsh.c,v 8.65 20
|
|
# ifdef SMRSH_CMDDIR
|
|
# define CMDDIR SMRSH_CMDDIR
|
|
# else /* SMRSH_CMDDIR */
|
|
-# define CMDDIR "/usr/adm/sm.bin"
|
|
+# define CMDDIR "/etc/smrsh"
|
|
# endif /* SMRSH_CMDDIR */
|
|
#endif /* ! CMDDIR */
|
|
|
|
@@ -89,7 +89,7 @@ SM_IDSTR(id, "@(#)$Id: smrsh.c,v 8.65 20
|
|
# ifdef SMRSH_PATH
|
|
# define PATH SMRSH_PATH
|
|
# else /* SMRSH_PATH */
|
|
-# define PATH "/bin:/usr/bin:/usr/ucb"
|
|
+# define PATH "/bin:/usr/bin"
|
|
# endif /* SMRSH_PATH */
|
|
#endif /* ! PATH */
|
|
|