On Tue, Jan 07, 2003 at 04:40:20PM -0500, Derek Simkowiak wrote:
Hello,
...
So my question is: is there any way to disable the execution of
child processes in procmail?
No (I think!). Pipes and backticks (don't forget users can do this:
SOMEVAR=`rm -rf /`
if they have root permissions). You might try messing with the SHELL
variable as a workaround, but I don't know of a way for administrators
to prevent users from resetting it back to /bin/sh (or other).
Or is that even the best tactic here? Any suggestions on how to
both (a) allow custom .procmailrc files, and (b) disallow execution of
arbitrary programs, is appreciated. Note that users can upload files to
the server.
One option would be to use some kind of a web interface that restricts
what they can write (i.e., you strip out dangerous things before
writing to .procmailrc or /usr/local/etc/procmailrcs/...). I wrote
Mail::Procmailrc (a Perl module) for abstracting procmailrc files (or
.procmailrc files, you know what I mean) if you happen to be a Perl
programmer. You can install it from CPAN or grab it here:
<http://scott.wiersdorf.org/perl/>
It has a sample CGI script you can look at to illustrate the API (it
parses procmailrc files, stores the data in an object which you can
manupulate--add conditions, recipes, change actions, etc--and then
write it back to file).
You'll have to turn off FTP access too, of course, of you're letting
them write into their own .procmailrc files. If you create an
interface, you could have them write in /usr/local/etc/procmailrcs/*
which would be outside their (hopefully chroot'ed) FTP space and not
give .procmailrc files at all.
Scott
--
Scott Wiersdorf
scott(_at_)perlcode(_dot_)org
_______________________________________________
procmail mailing list
procmail(_at_)lists(_dot_)RWTH-Aachen(_dot_)DE
http://MailMan.RWTH-Aachen.DE/mailman/listinfo/procmail