For example, consider the need to safely store all mail archive files on the mail hub in a
directory called /archives. You would first create this configuration declaration:
O SafeFileEnvironment=/archives
Then every file archive notation in the aliases database should be changed to reference this
base directory:*
adminlist: :include:/usr/local/maillists/admin.list,
/archives/admin/log
For safety, sendmail will henceforth chroot(2) into the /archives directory before delivering
to any files. Note that this SafeFileEnvironment option affects all writes to files, so a user??™s
~/.forward entry (suchas the following) will become relative to /archives and so might fail
depending on your specific setup:
/u/bill/tmp/incoming ?†? written as /archives/u/bill/tmp/incoming
The SafeFileEnvironment option also causes sendmail to verify that the file that is being
written to is a plain file. If it is anything else, sendmail prints the following error and
bounces the messages:
/dev/tty... Can't create output: Error 0
Here, an attempt to dump the message to /dev/tty failed because sendmail discovered it was
a device rather than an ordinary file. But note that beginning with V8.8, it is always legal to
write to the special device named /dev/null.
The SafeFileEnvironment option is not safe. If specified from the command line, it can
cause sendmail to relinquish its special privileges.
Pages:
1928
1929
1930
1931
1932
1933
1934
1935
1936
1937
1938
1939
1940
1941
1942
1943
1944
1945
1946
1947
1948
1949
1950
1951
1952