[ On Thu, March 6, 1997 at 04:53:55 (-0500), Philip Hazel wrote: ]
> Subject: Re: pipe problem
>
> On Wed, 5 Mar 1997, Pete Ashdown wrote:
> >
> > I realize the insecurity of /bin/sh, but I have local users who use the
> > procmail line:
> >
> > "|IFS=' ' && exec /usr/local/bin/procmail -f- || exit 75"
> >
> > I read through the archives and Philip essentially said "change the
> > procmail line". This isn't an option here.
>
> The point about it not being a security issue because the user can
> specify a shell anyway is true, but the idea was that it would avoid more
> accidents if those that wanted a shell had to ask for it explicitly.

I think an option in the transport that says "use-a-shell" to start the
filter is OK, it would indeed have to be used carefully.

Note that use of a shell to parse the command-line when using the '|'
syntax in a traditional aliases file (and thus ~/.forward file too) is
not specified in aliases(5), but I think it is implied that full
system(3) semantics are expected.

The more modern releases of sendmail document the "prog" mailer as
defaulting to using /bin/sh for addresses that have a leading '|', but
it does *not* document the types of addresses supported in aliases(5).

In any case, yes, I agree too that the user should be able to obtain the
desired behaviour with a line like the following in ~/.forward:

    |/bin/sh -c 'env IFS=" " /usr/local/bin/procmail -f- || exit 75'

--
Greg A. Woods
+1 416 443-1734 VE3TCP robohack!woods
Planix, Inc. <woods@???>; Secrets of the Weird <woods@???>
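
Added example, not part of the original message and not code from Exim or sendmail: a small Python check of what each of the two pipe lines quoted in the thread turns into when an MTA runs it without a shell. It assumes the MTA splits the line on whitespace while honouring quotes and then execs the result, which is modelled here with shlex.split; the function names are hypothetical.

```python
import re
import shlex

# The two pipe lines quoted in the thread (leading '|' removed).
OLD = "IFS=' ' && exec /usr/local/bin/procmail -f- || exit 75"
NEW = "/bin/sh -c 'env IFS=\" \" /usr/local/bin/procmail -f- || exit 75'"

SHELL_OPERATORS = {"&&", "||", ";", "|", "&", "<", ">", ">>"}
SHELL_BUILTINS = {"exec", "exit", "cd", "export", "set", "."}
ASSIGNMENT = re.compile(r"^[A-Za-z_][A-Za-z0-9_]*=")


def direct_argv(command):
    """Assumption: the MTA splits on whitespace, honouring quotes, and then
    calls execv() on the result with no shell (modelled with shlex.split)."""
    return shlex.split(command)


def shell_dependencies(command):
    """Return the reasons this line cannot work when exec'd directly."""
    argv = direct_argv(command)
    if not argv:
        return ["empty command"]
    reasons = []
    if ASSIGNMENT.match(argv[0]):
        reasons.append("argv[0] %r is a variable assignment, not a program" % argv[0])
    elif argv[0] in SHELL_BUILTINS:
        reasons.append("argv[0] %r is a shell builtin" % argv[0])
    for i, word in enumerate(argv[1:], start=1):
        if word in SHELL_OPERATORS:
            reasons.append("argv[%d] %r would be passed as a literal argument" % (i, word))
        elif word in SHELL_BUILTINS and argv[i - 1] in SHELL_OPERATORS:
            reasons.append("argv[%d] %r is a shell builtin" % (i, word))
    return reasons


if __name__ == "__main__":
    for line in (OLD, NEW):
        print(direct_argv(line))
        for reason in shell_dependencies(line) or ["no shell needed by the MTA"]:
            print("   ", reason)
```

The second line passes because the shell is requested explicitly as argv[0] and the whole procmail command travels as the single argument to -c.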