1 diff -urN sendmail-8.12.6.orig/smrsh/smrsh.c sendmail-8.12.6/smrsh/smrsh.c
2 --- sendmail-8.12.6.orig/smrsh/smrsh.c Mon Oct 14 17:29:31 2002
3 +++ sendmail-8.12.6/smrsh/smrsh.c Mon Oct 14 17:50:32 2002
8 +#include <sys/types.h>
22 (void) sm_io_fprintf(smioout, SM_TIME_DEFAULT,
23 "Trying %s\n", cmdbuf);
25 + if (stat(cmdbuf, &st) < 0)
28 + (void) sm_io_fprintf(smioerr, SM_TIME_DEFAULT,
29 + "%s: %s not available for sendmail programs (stat failed)\n",
34 + syslog(LOG_CRIT, "uid %d: attempt to use %s (stat failed)",
35 + (int) getuid(), cmd);
37 + exit(EX_UNAVAILABLE);
39 + if (!S_ISREG(st.st_mode)
41 + && !S_ISLNK(st.st_mode)
46 + (void) sm_io_fprintf(smioerr, SM_TIME_DEFAULT,
47 + "%s: %s not available for sendmail programs (not a file)\n",
52 + syslog(LOG_CRIT, "uid %d: attempt to use %s (not a file)",
53 + (int) getuid(), cmd);
55 + exit(EX_UNAVAILABLE);
57 if (access(cmdbuf, X_OK) < 0)
59 /* oops.... crack attack possiblity */