1 diff -urNp -x '*.orig' sendmail-8.16.1.org/smrsh/README sendmail-8.16.1/smrsh/README
2 --- sendmail-8.16.1.org/smrsh/README 2020-05-19 21:54:33.000000000 +0200
3 +++ sendmail-8.16.1/smrsh/README 2021-10-03 22:30:57.155592021 +0200
4 @@ -6,7 +6,7 @@ Software Engineering Institute, Carnegie
5 intended as a supplement to the CERT advisory CA-93:16.sendmail.vulnerability,
6 and to the software, smrsh.c, written by Eric Allman.
9 +* Modified by PLD Team to reflect different paths. *
11 The smrsh(8) program is intended as a replacement for /bin/sh in the
12 program mailer definition of sendmail(8). This README file describes
13 @@ -47,24 +47,24 @@ With gcc, the GNU C compiler, use the -s
14 The following C defines can be set defined to change the search path and
15 the bin directory used by smrsh.
17 --DSMRSH_PATH=\"path\" \"/bin:/usr/bin:/usr/ucb\" The default search
18 +-DSMRSH_PATH=\"path\" \"/bin:/usr/bin:/usr/bin\" The default search
20 --DSMRSH_CMDDIR=\"dir\" \"/usr/adm/sm.bin\" The default smrsh
21 +-DSMRSH_CMDDIR=\"dir\" \"/etc/smrsh\" The default smrsh
24 These can be added to the devtools/Site/site.config.m4 file using the
25 global M4 macro confENVDEF or the smrsh specific M4 macro
28 -As root, install smrsh in /usr/libexec. Using the Build script:
29 +As root, install smrsh in /usr/sbin. Using the Build script:
31 host.domain# sh ./Build install
33 -For manual installation: install smrsh in the /usr/libexec
34 +For manual installation: install smrsh in the /usr/sbin
35 directory, with mode 511.
37 - host.domain# mv smrsh /usr/libexec
38 - host.domain# chmod 511 /usr/libexec/smrsh
39 + host.domain# mv smrsh /usr/sbin
40 + host.domain# chmod 511 /usr/sbin/smrsh
44 @@ -79,14 +79,14 @@ to run. This list of allowable commands
46 See the man page for aliases(5) if you are unfamiliar with the format of
47 these specifications. Additionally, you should include in the list,
48 -popular commands such as /usr/ucb/vacation.
49 +popular commands such as /usr/bin/vacation.
51 You should NOT include interpreter programs such as sh(1), csh(1),
52 perl(1), uudecode(1) or the stream editor sed(1) in your list of
55 If your platform doesn't have a default SMRSH_CMDDIR setting, you will
56 -next need to create the directory /usr/adm/sm.bin and populate
57 +next need to create the directory /etc/smrsh and populate
58 it with the programs that your site feels are allowable for sendmail
59 to execute. This directory is explicitly specified in the source
60 code for smrsh, so changing this directory must be accompanied with
61 @@ -95,22 +95,22 @@ a change in smrsh.c.
63 You will have to be root to make these modifications.
65 -After creating the /usr/adm/sm.bin directory, either copy the programs
66 +After creating the /etc/smrsh directory, either copy the programs
67 to the directory, or establish links to the allowable programs from
68 -/usr/adm/sm.bin. Change the file permissions, so that these programs
69 +/etc/smrsh. Change the file permissions, so that these programs
70 can not be modified by non-root users. If you use links, you should
71 ensure that the target programs are not modifiable.
73 To allow the popular vacation(1) program by creating a link in the
74 -/usr/adm/sm.bin directory, you should:
75 +/etc/smrsh directory, you should:
77 - host.domain# cd /usr/adm/sm.bin
78 - host.domain# ln -s /usr/ucb/vacation vacation
79 + host.domain# cd /etc/smrsh
80 + host.domain# ln -s /usr/bin/vacation vacation
85 -After populating the /usr/adm/sm.bin directory, you can now configure
86 +After populating the /etc/smrsh directory, you can now configure
87 sendmail to use the restricted shell. Save the current sendmail.cf
88 file prior to modifying it, as a prudent precaution.
90 @@ -125,7 +125,7 @@ help to locate it.
92 In order to configure sendmail to use smrsh, you must modify the Mprog
93 definition in the sendmail.cf file, by replacing the /bin/sh specification
94 -with /usr/libexec/smrsh.
95 +with /usr/sbin/smrsh.
99 @@ -133,14 +133,14 @@ In most Sun Microsystems' sendmail.cf fi
100 Mprog, P=/bin/sh, F=lsDFMeuP, S=10, R=20, A=sh -c $u
102 which should be changed to:
103 -Mprog, P=/usr/libexec/smrsh, F=lsDFMeuP, S=10, R=20, A=sh -c $u
104 +Mprog, P=/usr/sbin/smrsh, F=lsDFMeuP, S=10, R=20, A=sh -c $u
107 A more generic line may be:
108 Mprog, P=/bin/sh, F=lsDFM, A=sh -c $u
110 and should be changed to;
111 -Mprog, P=/usr/libexec/smrsh, F=lsDFM, A=sh -c $u
112 +Mprog, P=/usr/sbin/smrsh, F=lsDFM, A=sh -c $u
115 After modifying the Mprog definition in the sendmail.cf file, if a frozen
116 @@ -151,7 +151,7 @@ or /etc/mail directories. The specific
117 a search of the strings(1) output of the sendmail binary.
119 In order to create a new frozen configuration, if it is required:
120 - host.domain# /usr/lib/sendmail -bz
121 + host.domain# /usr/sbin/sendmail -bz
123 Now re-start the sendmail process. An example of how to do this on
124 a typical system follows:
125 diff -urNp -x '*.orig' sendmail-8.16.1.org/smrsh/smrsh.8 sendmail-8.16.1/smrsh/smrsh.8
126 --- sendmail-8.16.1.org/smrsh/smrsh.8 2020-05-19 21:54:33.000000000 +0200
127 +++ sendmail-8.16.1/smrsh/smrsh.8 2021-10-03 22:30:57.155592021 +0200
128 @@ -39,7 +39,7 @@ Briefly,
130 limits programs to be in a single directory,
134 allowing the system administrator to choose the set of acceptable commands,
135 and to the shell builtin commands ``exec'', ``exit'', and ``echo''.
136 It also rejects any commands with the characters
137 @@ -50,16 +50,16 @@ It allows ``||'' and ``&&'' to enable co
138 ``"|exec /usr/local/bin/filter || exit 75"''
140 Initial pathnames on programs are stripped,
141 -so forwarding to ``/usr/ucb/vacation'',
142 +so forwarding to ``/usr/bin/vacation'',
143 ``/usr/bin/vacation'',
144 ``/home/server/mydir/bin/vacation'',
147 all actually forward to
148 -``/usr/adm/sm.bin/vacation''.
149 +``/etc/smrsh/vacation''.
151 System administrators should be conservative about populating
152 -the sm.bin directory.
153 +the /etc/smrsh directory.
154 For example, a reasonable additions is
157 @@ -68,10 +68,10 @@ never include any shell or shell-like pr
164 Note that this does not restrict the use of shell or perl scripts
165 -in the sm.bin directory (using the ``#!'' syntax);
166 +in the /etc/smrsh directory (using the ``#!'' syntax);
167 it simply disallows execution of arbitrary programs.
168 Also, including mail filtering programs such as
170 @@ -79,16 +79,8 @@ is a very bad idea.
172 allows users to run arbitrary programs in their
175 -Compilation should be trivial on most systems.
176 -You may need to use \-DSMRSH_PATH=\e"\fIpath\fP\e"
177 -to adjust the default search path
178 -(defaults to ``/bin:/usr/bin:/usr/ucb'')
179 -and/or \-DSMRSH_CMDDIR=\e"\fIdir\fP\e"
180 -to change the default program directory
181 -(defaults to ``/usr/adm/sm.bin'').
183 -/usr/adm/sm.bin \- default directory for restricted programs on most OSs
184 +/etc/smrsh \- directory for restricted programs
186 /var/adm/sm.bin \- directory for restricted programs on HP UX and Solaris
188 diff -urNp -x '*.orig' sendmail-8.16.1.org/smrsh/smrsh.c sendmail-8.16.1/smrsh/smrsh.c
189 --- sendmail-8.16.1.org/smrsh/smrsh.c 2020-05-19 21:54:33.000000000 +0200
190 +++ sendmail-8.16.1/smrsh/smrsh.c 2021-10-03 22:30:57.155592021 +0200
191 @@ -77,7 +77,7 @@ SM_IDSTR(id, "@(#)$Id: smrsh.c,v 8.66 20
193 # define CMDDIR SMRSH_CMDDIR
195 -# define CMDDIR "/usr/adm/sm.bin"
196 +# define CMDDIR "/etc/smrsh"
198 #endif /* ! CMDDIR */
200 @@ -89,7 +89,7 @@ SM_IDSTR(id, "@(#)$Id: smrsh.c,v 8.66 20
202 # define PATH SMRSH_PATH
204 -# define PATH "/bin:/usr/bin:/usr/ucb"
205 +# define PATH "/bin:/usr/bin:/usr/sbin"