We've been running 3.11pre1 on a DEC Alpha AXP 4000 running OSF/1 3.0
for some time with no difficulties, and I've been playing with pre3 for
a while. We're not calling procmail from inside sendmail.cf; just from
individual .forward's on a per-user basis. Recently our mail admin
decided to implement sendmail 8.7.1 with the sendmail_restricted_shell
(smrsh) for increased security. Smrsh needs a list of the valid
programs to which users may pipe their mail, and procmail is included
in that list.
However, when we tested it, smrsh was unhappy about the && in the
.forward and didn't make it to the actual exec:
"|IFS=' '&&exec /usr/local/bin/procmail -f-||exit 75 #somebody"
It seems that the Bourne shell syntax cannot be read by smrsh. I've
done some experimenting with plain ol'
"|/usr/local/bin/procmail -f-#somebody"
and it seems to work, of course. My question is: what effect does
setting the internal field separator have on procmail? My understanding
is that the change to the IFS will only last for the rest of the parsing
of the .forward itself, and will not affect the child processes (i.e.,
procmail).
I'm not too worried about missing the "|| exit 75" in the pipeline; we
only have a few people running procmail and they're all fairly
intelligent, they won't hose their rcfiles up and so forth. I think.
So: I know what the '&&' and '||' mean as far as syntax goes. I have
an opinion about what they do for procmail in this instance, but I'm
going to keep my mouth shut and ask for clarification from you. :-)
Will changing the format of the .forward to a minimalist version damage
anything? Has anyone else implemented smrsh on their machine and solved
this already?
Your time is much appreciated.
Luck++;
Phil
--
#include<std/disclaimer.h> The gods do not protect fools. Fools
finger pedwards(_at_)gamma(_dot_)cs(_dot_)wright(_dot_)edu are protected
by more capable fools.
email pedwards(_at_)valhalla(_dot_)cs(_dot_)wright(_dot_)edu
-Larry Niven