On Mon, 12 May 1997 17:32:36 -0500 (CDT),
Eric Daniel <edaniel(_at_)EESUN2(_dot_)tamu(_dot_)edu> wrote:
At the same time, it would be nice to allow procmail, but then, of course,
the pipe action kind of defeats the purpose of smrsh.
So my questions are:
1) Assuming the pipe action is disabled, can I be sure that
procmail does not provide any other way of executing commands?
Backticks.
2) Has anyone else attempted to disable it (the source of procmail looks a
little, hemm, obfuscated, and I'm not sure what I would need to change)
How about running the stock version of Procmail but doing a chroot
first, allowing procmail to run in a very restricted environment only?
(No idea how well this would or would not work in practice, what do
others think?)
3) Same questions about formail
You would, or would not, include formail in a directory accessible
from the chrooted procmail. I'm no security person but I don't see how
formail would be more vulnerable than, say, grep or wc.
/* era */
--
Defin-i-t-e-ly. Sep-a-r-a-te. Gram-m-a-r. <http://www.iki.fi/~era/>
* Enjoy receiving spam? Register at <http://www.iki.fi/~era/spam.html>