On Sat, May 08, 2004 at 03:52:47PM +0300, Alexander Yeremenko wrote:
On Sat, May 08, 2004 at 01:18:15PM +0300 ay@wnet.ua wrote about "[uanog] exim && procmail Q":
После попытки подменить sendmail на exim вот чего поломалось :
[...]
This message was created automatically by mail delivery software.
A message that you sent could not be delivered to one or more of its recipients. This is a permanent error. The following address(es) failed:
pipe to |exec /usr/local/bin/procmail || exit 75 generated by toex@localhost "exec" command not found for address_pipe transport
трехминутный поиск слова pipe в разделе транспортов команды info exim дает: Not running the command under a shell (by default) lessens the security risks in cases when a command from a user's filter file is built out of data that was taken from an incoming message. If a shell is required, it can of course be explicitly specified as the command to be run. However, there are circumstances where existing commands (for example, in `.forward' files) expect to be run under a shell and cannot easily be modified. To allow for these cases, there is an option called "use_shell", which changes the way the "pipe" transport works. Instead of breaking up the command line as just described, it expands it as a single string and passes the result to "/bin/sh". The "restrict_to_path" option and the $pipe_addresses facility cannot be used with "use_shell", and the whole mechanism is inherently less secure. в общем, или скрипт - или явно shell - или use_shell = true. зависит от степени контролируемости environment-а. например, можно поставить use_shell только для некоторых (trusted) юзеров. =================================================================== uanog mailing list. To Unsubscribe: send mail to majordomo@uanog.kiev.ua with "unsubscribe uanog" in the body of the message