Date: Mon, 25 Oct 1999 16:38:34 -0400 From: Andrew Arensburger <arensb@cfar.umd.edu> To: Paulo Fragoso <paulo@nlink.com.br> Cc: freebsd-security@FreeBSD.ORG Subject: Re: Procmail + Sendmail Message-ID: <199910252038.QAA03330@glitnir.cfar.umd.edu> In-Reply-To: Your message of "Mon, 25 Oct 1999 08:37:33 -0200." <Pine.BSF.3.96.991025083059.28505B-100000@mirage.nlink.com.br>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, 25 Oct 1999 08:37:33 -0200, Paulo Fragoso wrote: > We've got one server without shell access, only POP3, FTP and HTTP > protocol are permited. We're upgrading this machine to FreeBSD 3.3-RELEASE > and we're thinking use procmail instead mail.local. > > Are there any possible to use .procmailrc like .forward to exec any > programa (like gcc) in this machine? To block .forward we're using SMRSH > on sendmail, works fine. Any user can put anything they like in their .procmailrc, so this is a problem. One solution I've come across is to patch 'procmail' to use 'smrsh' instead of /bin/sh when executing commands. I haven't tried this yet, though, so I don't know how easy this is to do. -- Andrew Arensburger, Systems guy Center for Automation Research arensb@cfar.umd.edu University of Maryland Nine hundred years ago, I couldn't spell transcendent parahuman deity, and now I are one. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199910252038.QAA03330>