On Fri, April 20, 2007 10:27 am, dan1 wrote:
I would simply like the script to be executed, when passed as a
symlink as
argument, instead of a hardlink.
The problem is that when I specify the script to be executed
(ecardbounce.php) as being a symlink, in the /etc/aliases like this:
ecard-bounce: "|/usr/bin/php /etc/smrsh/ecardbounce.php",
then the script isn't executed. However, when I replace the symlink by
a
hardlink to the same located script, then it works fine with no
problems.
I don't think you should be allowing the php binary to be run like
that...
It's just too easy for some hacker email to run arbitrary PHP code on
your box this way, as I understand it...
At least that's my recollection of how you do NOT want to set up:
sendmail | smrsh | php
The "Right Way" to make sure that only the script you WANT to run is
run is to put the actual PHP script in the /etc/smrsh directory, use
#! at the top of it, and sendmail pipe the data to the executable .php
script.
I don't understand what you mean. A lot of people are using the
smrsh/sendmail combination to run scripts on their site. more often they use
cgi instead of PHP, and now it seems that you are saying that PHP is not a
good thing to use with sendmail/smrsh.
You are saying that it is not safe to use smrsh/php, yet smrsh has been
specifically designed to use sendmail/scripts in a secure way (it stands for
restricted shell).
How do you explain that the 'sympa' production level bulk email program does
use symlinks with sendmail and smrsh the exact same way I do, wouldn't they
know that this would be a potential security breach?
Also, I did follow exactly the recommendation of smrsh on how to setup
symlinks with sendmail and interpreters:
http://www.faqs.org/docs/securing/chap22sec182.html
I think that I do things the right way, just as many other who use phpp
scrits with sendmail to handle e-mail bounces do it, because putting the
real file in /etc/smrsh or putting a link to the file in the same diretory
doesn't present any security difference, as the script will be exectued
exactly the same way, and if a hacker can have access to the symlink, then
he will also be able to have access to the real file.
Else, I have the safe mode set to off, so the php.ini configuration should
not be the problem.
Anyway, thanks for your answers Richard, because it helped me to develop my
understanding about this problem.
I will try to put it in the bug database.
Thanks again for your support.
Regards,
Daniel
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
