I was going to ask...
"Is there an Exim equivalent of smrsh, the SendMail Restricted SHell,
i.e. something to restrict the pipes which Exim will allow? Or is such
a thing unnecessary with Exim because the problem with sendmail which
smrsh was designed to solve is not a problem with Exim?"
...but I thought that I had better read the manual carefully first. In
section 17.2 (of the 1.62 version of the manual) I came across
restrict_to_path, but that would seem to prevent standard use of e.g.
/usr/ucb/vacation. I then noted the remarks about the command being run
directly from the transport, NOT under a shell, thus lessening the
security risks... But it says that if a shell is required it can be
specified explicitly. After reading that I still don't know whether
allowing users to run pipes from .forward files is a security threat or
not.
So far I have only used Exim on our mail hubs but I am thinking of using
it on hosts currently running simple sendmail configurations which send
all non-local mail to the hubs. One reason for doing this is the
simplicity of preventing relaying with Exim. However I currently use
smrsh and do not want to lower the security of these systems.
(On the other hand, if a local host implicitly allows relaying but sends
all its mail via a hub running Exim which is configured to prevent
relaying except for the local network will this prevent the local host
from being used as a relay?)
Can any security experts out there comment on this, please.
Thank you.
Richard
--
Richard Gilbert
Corporate Information and Computing Services
University of Sheffield, Sheffield, S10 2TN, UK
Phone: +44 114 222 3028 Fax: +44 114 222 3040
--
* This is sent by the exim-users mailing list. To unsubscribe send a
mail with subject "unsubscribe" to exim-users-request@???
* Exim information can be found at http://www.exim.org/
