jaakov%wisdom.bitnet@WISCVM.ARPA (07/08/85)
From: Jacob Levy <jaakov%wisdom.bitnet@WISCVM.ARPA>
This is a repost of 'cmdbymail'. Run everything below the dashed line through
'sh' and enjoy. Installation should be done by SU.
#--- cut here --- cut here --- cut here --- cut here --- cut here ---
#
# This a shell archive, containing the following files :-
#
# makefile cmdbymail.c cmdbymail.1
#
echo extracting makefile
cat << 'FoO ThE BaR' > makefile
DESTDIR = -DDESTDIR=\"/bin\"
CFILES = cmdbymail.c
OFILES = cmdbymail.o
CFLAGS = -O
all: cmdbymail cmdbymail.n
cmdbymail.o: cmdbymail.c
cc $(CFLAGS) $(DESTDIR) -c cmdbymail.c
cmdbymail: $(OFILES)
cc -o cmdbymail $(OFILES)
cmdbymail.n: cmdbymail.1
rm -f cmdbymail.n
nroff -man -Tla12 cmdbymail.1 > cmdbymail.n
cmdbymail.shar: makefile $(CFILES) cmdbymail.1
rm -f cmdbymail.shar
shar makefile $(CFILES) cmdbymail.1 > cmdbymail.shar
install: all
@-echo installing cmdbymail in a public directory
@-echo if you are not SU, this will fail...
/bin/cp cmdbymail /usr/bin
/bin/cp cmdbymail /bin
/bin/cp cmdbymail /etc
/bin/cp cmdbymail.1 /usr/man/man1
@-echo installed it, have fun
FoO ThE BaR
echo extracting cmdbymail.c
cat << 'FoO ThE BaR' > cmdbymail.c
#include <stdio.h>
#define DESTDIR "/bin"
#define BUF_SIZE 1024000
char msgbuffer[BUF_SIZE];
char *
getline(l, here)
char *l, *here;
{
register char *run = l;
if (*here == 0)
return 0;
for (; *here && *here != '\n'; *run++ = *here++);
here++;
*run = 0;
return here;
}
char *
command_message(passwd, subject)
char *passwd, *subject;
{
char sbuf[256],
l[256];
char *run = msgbuffer;
char *lrun = l;
sprintf(sbuf, "Subject: %s", subject);
for (; (run = getline(lrun, run)) != 0; )
if (strncmp(l, "Subject: ", strlen("Subject: ")) == 0) {
if (strcmp(l, sbuf) != 0)
return 0;
else
break;
}
if (run == 0)
return 0;
for (; (run = getline(lrun, run)) != 0 && *lrun == '\0'; )
if (run == 0)
return 0;
if (strcmp(lrun,passwd) == 0)
return run;
return 0;
}
setup(pname, appending)
char *pname;
{
FILE *fd;
int appending;
register char *run;
char pbuf[256],
sbuf[256],
fbuf[256];
printf("enter password to identify legal command files: ");
run = pbuf;
for (*run = getchar(); *run != '\n'; *run = getchar())
run++;
*run = 0;
printf("enter subject to identify legal command files (one word!!): ");
run = sbuf;
for (*run = getchar(); *run != '\n'; *run = getchar())
run++;
*run = 0;
repeat: printf("write a new '.forward' or append? [aw] ");
switch (getchar()) {
case 'w' : case 'W' :
appending = 0;
for (; getchar() != '\n'; );
break;
case '\n' :
appending = 1;
break;
case 'a' : case 'A' :
appending = 1;
for (; getchar() != '\n'; );
break;
default :
for (; getchar() != '\n'; );
goto repeat;
}
sprintf(fbuf, "%s/.forward", getenv("HOME"));
if ((fd = fopen(fbuf, appending ? "a" : "w")) == NULL) {
printf("cannot open .forward file for %s\n",
appending ? "appending" : "writing");
exit(0);
}
fprintf(fd, "\\%s\n\"|%s/%s %s %s\"\n",DESTDIR,getenv("USER"),
pname,pbuf,sbuf);
fclose(fd);
printf("setup done\n");
}
collect_message()
{
register char *run = msgbuffer;
for (*run = getchar(); *run != EOF; *run = getchar())
run++;
*run++ = 0;
*run = 0;
}
do_command(body)
register char *body;
{
FILE *fd;
char *tmp = "/tmp/cmdfXXXXXX";
char cmdbuf[256];
if ((fd = fopen(tmp = (char *)mktemp(tmp), "w")) == NULL)
return;
fprintf(fd, "%s", body);
fclose(fd);
sprintf(cmdbuf, "sh %s", tmp);
system(cmdbuf);
unlink(tmp);
}
main(ac, av)
char **av;
{
char *passwd,
*body,
*subject;
if (ac == 1) {
printf("doing settup\n");
setup(av[0]);
exit(0);
}
passwd = av[1];
subject = av[2];
collect_message();
if ((body = command_message(passwd,subject)) != 0)
do_command(body);
}
FoO ThE BaR
echo extracting cmdbymail.1
cat << 'FoO ThE BaR' > cmdbymail.1
..TH CMDBYMAIL 1N "8 July 1985"
..UC 4
..SH NAME
cmdbymail \- execute commands by mail
..SH SYNOPSYS
..B cmdbymail
..br
..SH DESCRIPTION
..I Cmdbymail
allows a user to execute commands by mail when the user is away.
This is intended to be used as an inexpensive dummy server, or as
a way for a user to execute commands on systems where he has accounts
but cannot log in from his present location.
For example, an ARPA user who has an account on a
machine on the UUCP network can execute
commands on the UUCP machine even though he cannot log in on it directly.
..PP
..I Cmdbymail
must be run once by the user to set up a server for
commands on the local machine.
When it is run by the user, it prompts for three parameters.
It asks for a password to identify legal command files.
This password must appear on the first non\-blank line of the command
file sent via mail.
..I Cmdbymail
also asks for a subject line to identify messages containing commands to
execute.
Lastly, it asks whether a new
..I .forward
file should be created or whether the
setup information should be appended to an existing
..I .forward
file.
The default is to append to a
..I .forward
file, if one exists.
..PP
..I Cmdbymail
makes a
..I .forward
file in the user's home directory which will execute
..I cmdbymail
for each mail message received, and which will also send the mail to the user.
If the message is identified by the correct password and subject lines,
the body of the message will be executed as a shell procedure, with
..I sh.
..I All
messages, whether they are command messages or not, are also sent to the
local user, so he can see what commands are executed.
..SH FILES
~/.forward - used to store the name of the trusted user and the subject line
for command messages.
..SH BUGS
The site on which
..I cmdbymail
is executed must run BSD UNIX 4.2.
..I Cmdbymail
uses specific features of
..I sendmail
which may or
may not be present in other versions of UNIX.
People who want to try and create similar programs for other versions of
UNIX are invited to try.
..PP
At present,
..I cmdbymail
must be installed in a directory such as /usr or /usr/bin or live
in the user's home directory.
Otherwise, when invoked by
..I sendmail
through the
..I .forward
file, it will not be found.
..PP
If the commands in a command message fail, no output is returned to the
sender.
..PP
There is no way to tell
..I cmdbymail
to remove old entries in the
user's
..I .forward
file but leave all other information.
This must be done by manual editing.
Running
..I cmdbymail
twice will create two entries in the user's
..I .forward
file.
This can be construed as a feature, since it allows a user to set up
two different servers for different purposes.
..PP
It is ridiculously easy to cause security problems with this program.
No more hints given here..
..SH AUTHOR
Jacob Levy, Weizmann Institute of Science, Rehovot 76100, Israel.
..nf
BITNET: jaakov@wisdom
ARPA: jaakov%wisdom.bitnet@wiscvm.ARPA
CSNET: jaakov%wisdom.bitnet@csnet-relay
UUCP: (if all else fails..) ..!ucbvax!jaakov%wisdom.bitnet
..fi
FoO ThE BaR