On Sun, 30 Apr 2000, Michael hall wrote:
Using the example '.forward' included in the distribution:
"|IFS=' ' && p=/usr/local/bin/procmail && test -f $p && exec $p -Yf- || exit
75
#YOUR_LOGIN_NAME"
Causes complaints from 'smrsh' about illegal characters ('|','&'). Whats the
best way to get around this or how do others handle this ? Rewrite it and
don't use '&&', '||' ?
I think so. If you define in /var/adm/sm.bin (or whatever the trusted
smrsh binary executables directory is) a link to /usr/local/bin/procmail
than you say you trust this file - it's not a suspicious link or file
owned by non-root user etc. I think allowing /bin/sh is the same as
allowing && and || (i.e. forget about smrsh and convert back to /bin/sh).
Even, I think smrsh takes care if /usr/local/bin/procmail really exists
and is a file, if some test fails then MTA sends the message back, setting
the proper EXITCODE anyway.
BTW: The `YOUR_LOGIN_NAME' part can be omitted - it obeys some very old
and long time fixed bug in sendmail ... I was told.
But these are just my guesses, completely untested.
--
Martin Mokrejs - PGP5.0i key is at http://www.natur.cuni.cz/~mmokrejs
<mmokrejs(_at_)natur(_dot_)cuni(_dot_)cz> Faculty of Science, The Charles
University