At 01:50 PM 11/6/95 +0100, Stephen R. van den Berg wrote:
[Dallman Ross wrote:]
sh: procmail not available for sendmail programs
Does that have anything to do with the results from Hal's suggestion of
grep Mprog /etc/sendmail.cf
Mprog, P=/usr/local/etc/smrsh, F=lsDFM, S=10, R=20, A=sh -c $u
Yes. Ask your sysadmin if he can include procmail in the list of
programs that are allowed to be executed by smrsh.
Okay, I did ask, but unfortunately got a negative reply. Here is a quote of
the answer:
Aus Sicherheitsgruenden ist es nicht moeglich, die Beschraenkungen der
smrsh (Sendmail restricted shell, die nach Empfehlung des CERT die
Vulnerabilitites von sendmail vermeiden soll), zu erweitern.
--
Freundliche Gruesse / Kind regards - Matthias Melcher, Tel. +49-6221-56-4523
For those needing a translation,
"As a matter of security it's not possible to extend the smrsh restrictions
(Sendmail restricted shell, used on recommendation of CERT to protect
against sendmail vulnerabilities)."
I suppose I will have to try and go with David Tamkin's kind suggestion for
filter,
always execute /u/iued/hh0/.dman/bin/procmail
I'll let you know of my progress.
Meanwhile, if anyone would like to compose a retort to the above reply and
send it to me, I'll try to work further at persuading t.p.t.b. to add
procmail to the list.
Dallman Ross