tasos@bacardi.bu.edu (Anastasios Kotsikonas) (11/14/90)
Hello everyone, I have a problem with mail aliases which I cannot figure out. In the /etc/aliases file the exists the following alias: listserv: "|/bin/cat >> /usr/guest/ermis/requests" which is obviously intended to divert any mail sent to 'listserv' to another account (ermis) in the file 'requests'. But whenever I send mail to listserv, I get the following error message from MAILER-DAEMON (along with a copy of my original message): ----- Transcript of session follows ----- Cannot exec '/bin/sh' errno=13 554 "|/bin/cat >> /usr/guest/ermis/requests"... Service unavailable Does anyone know what this message means? For the record, let me tell you that the protection in the ermis home directory is drwsrwxrwx; also for the record, I have noticed that when I do an 'ls -l' there seem to be no group memberships or ownerships for both the home directory and its files. I would appreciate any help. Thanks in advance, tasos tasos@bacardi.bu.edu
jeff@onion.pdx.com (Jeff Beadles) (11/15/90)
In <68488@bu.edu.bu.edu> tasos@bacardi.bu.edu (Anastasios Kotsikonas) writes: >I have a problem with mail aliases which I cannot figure out. In the >/etc/aliases file the exists the following alias: >listserv: "|/bin/cat >> /usr/guest/ermis/requests" Ack! This isn't a very good way to do this. Try this, it tastes great AND is less filling. :-) listserv: /usr/guest/ermis/requests Sendmail will automatically append to the file for you. Just create it, and make sure that everyone can access it. (Both for read and write) Yes kiddies, this is yash (Yet another "security" hole. If anyone can read/write to the file, then they can also change the contents...) -Jeff -- Jeff Beadles jeff@onion.pdx.com
rickert@mp.cs.niu.edu (Neil Rickert) (11/16/90)
In article <1990Nov15.032104.15003@onion.pdx.com> jeff@onion.pdx.com (Jeff Beadles) writes: >Try this, it tastes great AND is less filling. :-) > >listserv: /usr/guest/ermis/requests > >Sendmail will automatically append to the file for you. Just create it, and >make sure that everyone can access it. (Both for read and write) Yes kiddies, >this is yash (Yet another "security" hole. If anyone can read/write to the >file, then they can also change the contents...) > In recent versions of sendmail (certainly 5.64) there is an alternative. According to the code comments, you can set the suid and/or sgid bits on the file. In this case sendmail will write with the permissions of the owner and/or group. Note that you have to be careful NOT to set any 'x' bits, or sendmail will refuse to write. It seemed to work in my tests. I don't know when this first became part of sendmail. But it does allow you to set up a file so that sendmail can write to it, yet still restrict who else may read or write. A warning, however. Sendmail does not seem to use any file locking when mailing to a file. Unless the volume of mail to this alias is high, that is perhaps not a problem, for conflicts are improbable. If you want to totally avoid the problem of two messages being written concurrently, and partially destroying each other, you can always create a new user loginid for the system, and use that user's mailbox as the file. -- =*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*= Neil W. Rickert, Computer Science <rickert@cs.niu.edu> Northern Illinois Univ. DeKalb, IL 60115. +1-815-753-6940