From owner-freebsd-questions  Fri Dec  4 17:38:18 1998
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Received: (from majordom@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id RAA18859
          for freebsd-questions-outgoing; Fri, 4 Dec 1998 17:38:18 -0800 (PST)
          (envelope-from owner-freebsd-questions@FreeBSD.ORG)
Received: from n4hhe.ampr.org (tnt4-138.HiWAAY.net [208.166.127.138])
          by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id RAA18849
          for <freebsd-questions@FreeBSD.ORG>; Fri, 4 Dec 1998 17:38:14 -0800 (PST)
          (envelope-from dkelly@n4hhe.ampr.org)
Received: from n4hhe.ampr.org (localhost.ampr.org [127.0.0.1])
	by n4hhe.ampr.org (8.9.1/8.9.1) with ESMTP id TAA19091;
	Fri, 4 Dec 1998 19:05:47 -0600 (CST)
	(envelope-from dkelly@n4hhe.ampr.org)
Message-Id: <199812050105.TAA19091@n4hhe.ampr.org>
X-Mailer: exmh version 2.0.2 2/24/98
To: mgrommet@insolwwb.net
cc: freebsd-questions@FreeBSD.ORG
From: David Kelly <dkelly@hiwaay.net>
Subject: Re: Advice on sendmail / execution of programs through .forward 
In-reply-to: Message from mike grommet <mgrommet@insolwwb.net> 
   of "Fri, 04 Dec 1998 14:06:35 CST." <A199D70FC96DD211AD1000609767926103598F@ISIMAIL> 
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Date: Fri, 04 Dec 1998 19:05:46 -0600
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

mike grommet writes:
> Hi guys, I need some advice...
> 
> I block off shell access to my primary server...
> however one of my users pulled a sneaky one.
> 
> He executed a xterm shell from his .forward and had it connect to his X
> server on his personal PC... pretty slick actually, I have to give him that.
> I never even considered it.
[...]
> Now, its quite convenient to be able to run programs from .forward, procmail
> comes to mind immediately...
> 
> So what do you guys suggest to fix this problem the right way?

You could delete (comment out) this line from /etc/sendmail.cf and
disable forwarding completely:

# Forward file search path
O ForwardPath=$z/.forward.$w+$h:$z/.forward+$h:$z/.forward.$w:$z/.forward


--
David Kelly N4HHE, dkelly@nospam.hiwaay.net
=====================================================================
The human mind ordinarily operates at only ten percent of its
capacity -- the rest is overhead for the operating system.



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message