9.90 on page 1071) specifies the permissions given to
queue files. In general, all files that are created by sendmail should be considered proprietary
for safety??™s sake. We recommend a setting of:
O TempFileMode=0600 ?†? pre-V8.12, for all temp files and queue files
O QueueFileMode=0600 ?†? V8.12 and above, for queue files only, in sendmail.cf
O QueueFileMode=0660 ?†? V8.12 and above, for MSP queue files only, in submit.cf
This is the Title of the Book, eMatter Edition
Copyright ?© 2007 O??™Reilly & Associates, Inc. All rights reserved.
180 | Chapter 4: Maintain Security with sendmail
With this narrow setting, the risk of accidental or malicious easing of permissions of
your mail archive directories or queue becomes less of a risk.
4.8.3 The /etc/shells File
To prevent certain users from running programs or writing to files by way of the
aliases or ~/.forward files, V8 sendmail introduced the concept of a ???valid shell.??? Just
before allowing delivery via an alias so:
|"/some/program"
/save/to/a/file
the user??™s password entry is looked up. If the shell entry from that password entry is
a valid one, delivery is allowed. A shell is valid if it is listed in the /etc/shells file.* If
that file does not exist, sendmail looks up the shell in its internal list, which looks
(more or less) like this:??
/bin/bsh
/bin/csh
/bin/ksh
/bin/pam
/bin/posix/sh
/bin/rksh
/bin/rsh
/bin/sh
/bin/tcsh
/usr/bin/bsh
/usr/bin/csh
/usr/bin/keysh
/usr/bin/ksh
/usr/bin/pam
/usr/bin/posix/sh
/usr/bin/rksh
/usr/bin/rsh
/usr/bin/sh
/usr/bin/tcsh
With this technique it is possible to prevent certain users from having sendmail running
programs or delivering to files on their behalf.
Pages:
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348