1smrsh(1M) System Administration Commands smrsh(1M)
2
6 smrsh - restricted shell for sendmail
7
9 smrsh -c command
10
13 The smrsh program is intended as a replacement for the sh command in
14 the prog mailer in sendmail(1M) configuration files. The smrsh program
15 sharply limits commands that can be run using the |program syntax of
16 sendmail. This improves overall system security. smrsh limits the set
17 of programs that a programmer can execute, even if sendmail runs a pro‐
18 gram without going through an alias or forward file.
19 Briefly, smrsh limits programs to be in the directory /var/adm/sm.bin,
22 allowing system administrators to choose the set of acceptable com‐
23 mands. It also rejects any commands with the characters: ,, <, >, |, ;,
24 &, $, \r (RETURN), or \n (NEWLINE) on the command line to prevent end
25 run attacks.
26 Initial pathnames on programs are stripped, so forwarding to
29 /usr/ucb/vacation, /usr/bin/vacation, /home/server/mydir/bin/vacation,
30 and vacation all actually forward to/var/adm/sm.bin/vacation.
31 System administrators should be conservative about populating
34 /var/adm/sm.bin. Reasonable additions are utilities such as vacation(1)
35 and procmail. Never include any shell or shell-like program (for exam‐
36 ple, perl) in the sm.bin directory. This does not restrict the use of
37 shell or perl scrips in the sm.bin directory (using the #! syntax); it
38 simply disallows the execution of arbitrary programs.
39
41 The following options are supported:
42 -c command Where command is a valid command, executes command.
44
47 /var/adm/sm.bin directory for restricted programs
48
51 See attributes(5) for descriptions of the following attributes:
52 ┌─────────────────────────────┬─────────────────────────────┐
57 │ ATTRIBUTE TYPE │ ATTRIBUTE VALUE │
58 ├─────────────────────────────┼─────────────────────────────┤
59 │Availability │SUNWcsr, SUNWcsu │
60 └─────────────────────────────┴─────────────────────────────┘
61
63 sendmail(1M), , attributes(5)
64SunOS 5.11 6 Nov 1998 smrsh(1M)