On 29-Dec-2006, at 11:38, Ryan Steele wrote:
Although, you would think that, since /bin/sh is pretty much a
known quantity in POSIX, that either it or execv would default to
like that instead of the user's login shell, which on many systems
mail servers) are set to /bin/false,
If the shell is set to /bin/false then it is likely because the
admins do not WANT the users spawning shells.
Personally, I think the ability of procmail to spawn a shell that
overrides the user's default could fairly be considered a security
risk and if procmail were being developed that would likely be
something that would be removed and/or handled in an entirely
different way (perhaps something like chroot jail or something).
Against stupidity the gods themselves contend in vain.
procmail mailing list Procmail homepage: http://www.procmail.org/