Sorry guys,
I haven't had a possibility to follow this thread so far - so maybe I'm
off topic, please excuse me.
If I see things right the issue is to prevent users from using their
.qmail files to pipe data into a shell.
I can see from the thread that it is very difficult to bypass the
situation - restricting access to .qmail files is unwanted, new files
could be installed etc. pp...
So what about introducing a new qmail feature that allows to control the
use of pipe commands? I know that this might be too drastic, but it was
just a quick idea.
Maybe a check in qmail-local (I think that's the place where to decide
it) whether a user is allowed to have | commands in his .qmail files.
There could be a configuration file in a root- (or postmaster- or
whatever-)only directory (/var/qmail/controls?), containing a list of
users _not allowed_ to use pipe commands - similar as /etc/ftpusers on
some Linux systems, restricting users from logging in via ftp.
Matthias
--
w e b f a c t o r y | matthias pigulla
www.webfactory.de [EMAIL PROTECTED]
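
A sketch of the check proposed in this message, added here as an example; it is not part of the original post and not qmail code. The deny-list format (one user name per line, `#` comment lines, as in /etc/ftpusers), the function names and the sample data are assumptions, and the code works on in-memory strings rather than on real files.

```c
#include <stdio.h>
#include <string.h>

/* Constructed sample data (not from the original post). */
static const char DENYLIST[] =
    "# users not allowed to run programs from .qmail\n"
    "guest\n"
    "webupload \n";
static const char DOTQMAIL[] =
    "# constructed .qmail\n"
    "./Maildir/\n"
    "|/usr/bin/procmail\n"
    "&backup@example.org\n"
    "|cat >> log\n";

/* 1 if `user` is listed (one name per line, '#' starts a comment line). */
int user_denied(const char *list, const char *user)
{
    size_t ulen = strlen(user);
    if (ulen == 0) return 0;
    for (const char *p = list; *p; ) {
        const char *eol = strchr(p, '\n');
        size_t len = eol ? (size_t)(eol - p) : strlen(p);
        while (len && strchr(" \t\r", p[len - 1])) len--;  /* trim right */
        if (*p != '#' && len == ulen && memcmp(p, user, ulen) == 0) return 1;
        if (!eol) break;
        p = eol + 1;
    }
    return 0;
}

/* Number of program-delivery lines (first character '|') that delivery
   would have to refuse for this user; 0 if the user is not listed. */
int refused_pipe_lines(const char *list, const char *user, const char *dotqmail)
{
    int refused = 0, denied = user_denied(list, user);
    for (const char *p = dotqmail; p && *p; p = strchr(p, '\n'), p = p ? p + 1 : NULL)
        if (denied && *p == '|') refused++;
    return refused;
}

int main(void)
{
    printf("guest: %d refused, alice: %d refused\n",
           refused_pipe_lines(DENYLIST, "guest", DOTQMAIL),
           refused_pipe_lines(DENYLIST, "alice", DOTQMAIL));
    return 0;
}
```

Names are compared exactly after trimming trailing whitespace, so a prefix such as `gues` does not match `guest`, and a stray space in the list does not silently let a listed user through.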