I administer a server on which the users have no shellaccess.
We would like to keep it this way, because on machines with no
shellaccess much less resources and maintenance are needed,
especially with regard to security.
We would like to offer the use of procmail to the users, but
not have the problem of procmail being used to exploit bugs
that are only accessible from a shell.
(Yes, I know, bugs should be fixed anyway, and we do that, but
the urgency is much less when not every user can trivially exploit them)
What would be the best way to achieve this, and does anybody have
experience with such a setup ?
I'm thinking about two ways to do this :
1: hack procmail in order to prevent it from starting any other program (would
that be possible without losing the basic filtering functionality ?)
2: chmod just about every binary to disallow world execute, have the users
in groups other than the ones that own the the binaries. (mostly bin,
so not much of a problem)
Regards, Boudewijn Visser
+-------------------------------------------------------------------+
|Boudewijn Visser |E-mail:visser(_at_)ph(_dot_)tn(_dot_)tudelft(_dot_)nl
|finger for |
|Dep. of Applied Physics,Delft University of Technology |PGP-key |
+-- my own opinions etc --------------------------------------------+