TUCoPS :: Unix :: General :: ciacf013.txt

Unix Sendmail

	     _____________________________________________________
                         The U.S. Department of Energy
                     Computer Incident Advisory Capability
                             ___  __ __    _     ___
                            /       |     / \   /
                            \___  __|__  /___\  \___
             _____________________________________________________

			     Information Bulletin

			Unix Sendmail Vulnerabilities

February 22, 1995 1600 PST                                         Number F-13
______________________________________________________________________________
PROBLEM:	Several vulnerabilities in the UNIX sendmail utility exist
		which may be exploited remotely and locally.
PLATFORM:	Unix; All implementations of sendmail.
DAMAGE:		Privileged access can be obtained by local and remote
		users. 
SOLUTION:	Retrieve and install vendor patches or Berkeley 
		Sendmail version 8.6.10 immediately.
______________________________________________________________________________

VULNERABILITY	Exploitation of these vulnerabilities can be used by local and
ASSESSMENT:	remote users to read any file, overwrite or destroy files, or
		run programs on the system.  At least one of these 
		vulnerabilities is being exploited by intruders now.  CIAC 
		strongly recommends installing the appropriate patches 
		immediately. Where that is not possible, implementing
		the workarounds described below as soon as possible.
______________________________________________________________________________

	   Critical Information about Unix Sendmail Vulnerabilities

This bulletin supersedes all previous CIAC bulletins on Unix sendmail.

CIAC has received updated information regarding several vulnerabilities in the
sendmail program, one of which is widely known.  The problems occur in many
versions of sendmail (see below for details).

The first vulnerability involves versions of sendmail that support the 
IDENT (RFC 1413) functionality.  This vulnerability allows an intruder to 
gain access to the system remotely, even without an existing account on the
system. 

In addition, several other problems have been identified in sendmail that
allow intruders to gain unauthorized privileges.  Intruders need to have an
account on your system to exploit these problems.  These problems are thought
to exist in many versions of Unix sendmail.  The table below indicates systems
known at this time to be affected.

The CERT Coordination Center is maintaining a list of affected versions of
sendmail.  The current list is attached to this bulletin (see Appendix A.)  
Future versions of this file can be obtained from ciac.llnl.gov, in the file

	/pub/ciac/bulletin/f-fy95/f-13.ciac-sendmail-README

The following are the recommended solutions to the sendmail vulnerabilities:

A.  Obtain the appropriate patch from your vendor and install it according to
    the instructions included with the patch.  Below is a summary of the 
    information we have received from vendors.  More details, including how 
    to obtain patches, are contained in Appendix A.


Vendor or Source            Remote vul?/patch status  Local vul?/patch status
                            (IDENT)
---------------             ------------------------  ------------------------
Eric Allman                 
  version 8.6.10            Not vul./ --              Not vul./ --
  all other versions        Vul./upgrade avail.       Vul./upgrade avail.
                            
Apple Computer, Inc.        
  v.3.1.1, 3.1              Not vul./ --              Vul./patch avail.
  earlier versions          Vul./see appendix         Vul./see appendix
			    
Berkeley Software Design,   
Inc. (BSDI)		    
  version 2.0               Not vul./ --              Vul./patch avail. soon
  other versions            Vul./patch avail. soon    Vul./patch avail. soon
			    
Cray Computer Corporation   
(Craycos)                   Not vul./ --              Vul./patch avail.        
			    
			    
Data General Corporation    Not vul./ --              Not vul./ --
			    
Digital Equipment Corp.     Not vul./ --              Vul./patch avail. soon
              		    
Harris Comp.Systems Corp.   Vul./patch avail.         Vul./patch avail.
			    
Hewlett-Packard Company     Not vul./ --              Vul./patch avail.by Feb 23
			    
IBM Corporation             Not vul./ --              Vul./patch avail. 
			    
Motorola                    Vul./patch avail.         Vul./patch avail.
			    
Open Software Foundation    Not vul./ --              Vul./see appendix
			    
The Santa Cruz Operation    Not vul./ --              Vul./patch avail. soon 
			    
Sequent Computer Systems    Not vul./ --              Vul./patch avail.
			    
Silicon Graphics (SGI)      Not vul./ --              Vul./patch avail.
			    
Solbourne (Grumman)         Not vul./ --              Vul./patch avail. soon
			    
Sony Corporation            Vul./patch avail.         Vul./patch avail.
			    
Sun Microsystems, Inc.      Not vul./ --              Vul./patch avail.


B.  Install Berkeley sendmail version 8.6.10, which is freely available
    by anonymous FTP (see Appendix A for locations).  This version fixes
    all the problems described in this bulletin. Be aware that, depending
    upon the currently installed sendmail program, switching to a different
    sendmail may require significant effort such as rewriting the 
    sendmail.cf file.

C.  Until you are able to install the appropriate patch or Berkeley sendmail
    8.6.10, we recommend the following workarounds:

    1.  To protect against remote attacks only:

        If you are currently running sendmail versions 8.6.6 through 8.6.9, 
	you can turn off the IDENT protocol by adding the following line to 
	the configuration file and then restarting sendmail:

		Orident=0

	If you are running 8.6.5 or earlier you cannot disable IDENT in this
	manner.  Instead, you should upgrade to version 8.6.10.

    2.  To provide limited protection against local attacks:

	Install the "sendmail wrapper" that is provided in Appendix B of this
	bulletin.  The wrapper is also available by anonymous FTP from:
            
	ciac.llnl.gov:/pub/ciac/bulletin/f-fy95/f-13.ciac-sendmail-wrapper.c
                 MD5 = 5c930d9d139dfaa1dfc9de6c40ddf8c6

        info.cert.org:/pub/tools/sendmail/sendmail_wrapper/sendmail_wrapper.c  
                 MD5 = 5c930d9d139dfaa1dfc9de6c40ddf8c6
       
        ftp.auscert.org.au:/pub/auscert/tools/sendmail_wrapper.c
                 MD5 = 5c930d9d139dfaa1dfc9de6c40ddf8c6

        ftp.cert.dfn.de:/pub/tools/net/sendmail-wrapper/sendmail-wrapper.c
                 MD5 = 5c930d9d139dfaa1dfc9de6c40ddf8c6 

	The installation instructions for installing the wrapper are contained
        within the source file.

	This wrapper does not solve the problems with sendmail 8.6.9 
	or with older versions.  It should only be used until 8.6.10 or a 
	vendor patch is installed.

______________________________________________________________________________

CIAC thanks the CERT Coordination Center and AUSCERT for the information
provided in this bulletin.
______________________________________________________________________________

For additional information or assistance, please contact CIAC:
    Voice:   510-422-8193
    FAX:     510-423-8002
    STU-III: 510-423-2604
    E-mail:  ciac@llnl.gov

Previous CIAC Bulletins and other information are available via anonymous
FTP from ciac.llnl.gov (IP address 128.115.19.53).

CIAC has several self-subscribing mailing lists for electronic publications:
1. CIAC-BULLETIN for Advisories, highest priority - time critical information,
   and Bulletins, important computer security information;
2. CIAC-NOTES for Notes, a collection of computer security articles;
3. SPI-ANNOUNCE for official news about Security Profile Inspector (SPI)
   software updates, new features, distribution and availability;
4. SPI-NOTES, for discussion of problems and solutions regarding the use of
   SPI products.

CIAC's mailing lists are managed by a public domain software package called
ListProcessor, which ignores E-mail header subject lines.  To subscribe (add
yourself) to one of our mailing lists, send the following request as the
E-mail message body, substituting CIAC-BULLETIN, CIAC-NOTES, SPI-ANNOUNCE or
SPI-NOTES for "list-name" and valid information for "LastName" "FirstName" and
"PhoneNumber" when sending

E-mail to ciac-listproc@llnl.gov:
          subscribe list-name  LastName, FirstName PhoneNumber
    e.g., subscribe ciac-notes O'Hara, Scarlett 404-555-1212 x36

You will receive an acknowledgment containing address, initial PIN, and
information on how to change either of them, cancel your subscription, or get
help.
______________________________________________________________________________

PLEASE NOTE: Many users outside of the DOE and ESnet computing communities
receive CIAC bulletins.  If you are not part of these communities, please
contact your agency's response team to report incidents.  Your agency's team
will coordinate with CIAC.  The Forum of Incident Response and Security Teams
(FIRST) is a world-wide organization.  A list of FIRST member organizations
and their constituencies can be obtained by sending E-mail to
first-request@first.org with an empty subject line and a message body
containing the line: send first-contacts.

This document was prepared as an account of work sponsored by an agency of the
United States Government.  Neither the United States Government nor the
University of California nor any of their employees, makes any warranty,
expressed or implied, or assumes any legal liability or responsibility for the
accuracy, completeness, or usefulness of any information, product, or process
disclosed, or represents that its use would not infringe privately owned
rights.  Reference herein to any specific commercial products, process, or
service by trade name, trademark manufacturer, or otherwise, does not
necessarily constitute or imply its endorsement, recommendation, or favoring by
the United States Government or the University of California.  The views and
opinions of authors expressed herein do not necessarily state or reflect those
of the United States Government nor the University of California, and shall not
be used for advertising or product endorsement purposes.
______________________________________________________________________________


Appendix A: Vendor Information
==============================

Below is information we have received from vendors who have patches
available or upcoming for the vulnerabilities described in this
bulletin as of February 22, 1995.


--------------------
Eric Allman

Sendmail version 8.6.10 is not vulnerable.  

This version is available by anonymous FTP from

 ftp.cs.berkeley.edu:/ucb/sendmail
 ftp.uu.net:/networking/mail/sendmail/UCB
 info.cert.org:/pub/tools/sendmail/sendmail.8.6.10
 ftp.cert.dfn.de:/pub/tools/net/sendmail
 ftp.auscert.org.au:/pub/coast/mirrors/ftp.cs.berkeley.edu/ucb/sendmail

In all of the above locations, the MD5 checksums are the same,

MD5 (sendmail.8.6.10.base.tar.Z) = 4ab8ac267b1eaf8d1725c14cf4b2e885
MD5 (sendmail.8.6.10.cf.tar.Z) = c70c576697bbbf047ed379a7b98633f6
MD5 (sendmail.8.6.10.misc.tar.Z) = 6212390ca0bb4b353e29521f1aab492f
MD5 (sendmail.8.6.10.patch) = 08d6f977c171ea858f1e940163212c3a
MD5 (sendmail.8.6.10.xdoc.tar.Z) = 8b2252943f365f303b6302b71ef9a841


--------------------
Apple Computer, Inc.

An upgrade to A/UX version 3.1 (and 3.1.1) for these vulnerabilities is
available. The upgrade is a replacement of the sendmail binary. It is
available via anonymous FTP from ftp.support.apple.com:

        pub/apple_sw_updates/US/Unix/A_UX/supported/3.x/sendmail/

It is also available via anonymous FTP from abs.apple.com:

        pub/abs/aws95/patches/sendmail/

In both cases the compressed binary has the following signature:

        MD5 (sendmail.Z) = 31bb15604517630f46d7444a6cfab3f1

Uncompress(1) this file and replace the existing version in /usr/lib;
be sure to preserve the hard links to /usr/ucb/newaliases and
/usr/ucb/mailq, kill the running sendmail and restart.

Earlier versions of A/UX are not supported by this patch.  Users of
previous versions are encouraged to update their system or compile 
the latest version of sendmail available from ftp.cs.berkeley.edu.

Customers should contact their reseller for any additional information.

--------------------
Berkeley Software Design. Inc. (BSDI)

BSD/OS V2.0 is vulnerable to the local user problems, but not the
remote user (IDENT) problem.

All earlier releases of BSD/OS are vulnerable to both problems.
Patches are being developed and will be made available via anonymous
FTP on ftp.bsdi.com in the directory "bsdi/support".

BSDI Contact Information:
        BSDI Customer Support
        Berkeley Software Design, Inc.
        7759 Delmonico Drive
        Colorado Springs, CO 80919
        Toll Free: +1 800 ITS BSD8 (+1 800 486 2738)
        Phone: +1 719 260 8114
        Fax: +1 719 598 4238
        Email: support@bsdi.com

--------------------
Cray Computer Corporation (Craycos)

        A new version of sendmail, one that does not have the
        problem, is available from CCC.  Please contact your site
        analyst for more information. You may also contact CCC Field
        Support using the address below.

                e-mail: support@craycos.com

--------------------
Digital Equipment Corporation

Digital will announce the availability of a kit as soon as it becomes
available.

--------------------
Harris Computer Systems Corporation

Request the appropriate patch for Harris NightHawk Systems, as follows:

                System                          Patch

                cx/ux 7.1                       cx7.1-030
                cx/ux 6.2                       cx6.2-114
                cx/sx 6.2                       cx6.2-114


If you need further information, contact
the Harris Support Hotline 1-800-245-6453.

--------------------
Hewlett-Packard Company

Hewlett-Packard HP-UX           Patches available by 2/23/95 
                                Vulnerable to:   -d DEBUG option
                                                 Latest queue problem
                                Not Vulnerable to: IDENT problem

Apply patch PHNE_5264 (series 700/800, HP-UX 9.x), or
            PHNE_5263 (series 700/800, HP-UX 8.x), or
            PHNE_5260 (series 300/400, HP-UX 9.0), or
            PHNE_5259 (series 300/400, HP-UX 8.x)

You can get patches via:
1. Ftp / email / kermit to HP SupportLine
   To obtain a copy of the HP SupportLine email service user's guide,
   send the following in the TEXT PORTION OF THE MESSAGE to
   support@support.mayfield.hp.com (no Subject is required):
                      send guide
2. World Wide Web: http://support.mayfield.hp.com

If you need further information, contact

HP SupportLine: 1-415-691-3888
phone: 1-415-691-3680
telnet/ftp: support.mayfield.hp.com (192.6.148.19)

--------------------
IBM Corporation

        A possible security exposure exists in the bos.obj sendmail 
	subsystem in all AIX releases.
 
        The user can cause arbitrary data to be written into the sendmail 
	queue file.  Non-privileged users can affect the delivery of mail, 
	as well as run programs as other users.
        
        Workaround
 
        A. Apply the patch for this problem. The patch is available
           from software.watson.ibm.com. The files will be located in
           the /pub/aix/sendmail in compressed tar format.

           The MD5 checksum for the binary file is listed
           below, ordinary "sum" checksums follow as well.

           File            sum             MD5 Checksum
           ----            ---             ------------
           sendmail.tar.Z 35990           e172fac410a1b31f3a8c0188f5fd3edb

 
         B. The official fix for this problem can be ordered as
            Authorized Program Analysis Report (APAR) IX49257.
 
            To order an APAR from IBM in the U.S. call 1-800-237-5511
            and ask for shipment as soon as it is available (in
            approximately two weeks).  APARs may be obtained outside the
            U.S. by contacting a local IBM representative.
 
--------------------
Motorola Computer Group (MCG)

The following MCG platforms are vulnerable:
        R40
        R32 running CNEP add-on product
        R3 running CNEP add-on product

The following MCG platforms are not vulnerable:
        R32     not including CNEP add-on product
        R3      not including CNEP add-on product
        R2
        VMEEXEC
        VERSADOS

The patch is available and is identified as "patch_43004 p001" or
"SCML#5552".  It is applicable to OS revisions from R40V3 to R40V4.3.
For availability of patches for other versions of the product contact
your regional MCG office at the numbers listed below.

Obtain and install the appropriate patch according to the instructions
included with the patch.

The patch can be obtained through anonymous ftp from ftp.mcd.mot.com
[144.191.210.3] in the pub/patches/r4 directory.  The patch can also
be obtained via sales and support channels.  Questions regarding the
patch should be forwarded to sales or support channels.

For verification of the patch file:
        Results of      sum -r  == 27479 661
                        sum     == 32917 661
                        md5     == 8210c9ef9441da4c9a81c527b44defa6

Contact numbers for Sales and Support for MCG:

                United States (Tempe, Arizona)
                Tel:    +1-800-624-0077
                Fax:    +1-602-438-3865

        Europe (Brussels, Belgium)
                Tel:    +32-2-718-5411
                Fax:    +32-2-718-5566

        Asia Pacific / Japan (Hong Kong)
                Tel:    +852-966-3210
                Fax:    +852-966-3202

        Latin America / Australia / New Zealand (U.S.)
                Tel:   +1 602-438-5633
                Fax:   +1 602-438-3592

--------------------
Open Software Foundation

The local vulnerability described in the advisory can be exploited
in OSF's OSF/1 R1.3 (this is different from DEC's OSF/1).
Customers should apply the relevant portions of cert's fix to 
their source base.  For more information please contact OSF's
support organization at osf1-defect@osf.org.

--------------------
The Santa Cruz Operation

SCO systems are not vulnerable to the IDENT problem.
Systems running the MMDF mail system are not vulnerable to the remote or
local problems.

The following releases of SCO products are vulnerable to the local problems.
============================================================================
SCO TCP/IP 1.1.x for SCO Unix System V/386 Operating System Release 3.2 
Versions 1.0 and 2.0
SCO TCP/IP 1.2.x for SCO Unix System V/386 Operating System Release 3.2
Versions 4.x
SCO TCP/IP 1.2.0 for SCO Xenix System V/386 Operating System Release 2.3.4

SCO Open Desktop Lite Release 3.0
SCO Open Desktop Release 1.x, 2.0, and 3.0
SCO Open Server Network System, Release 3.0
SCO Open Server Enterprise System, Release 3.0

Patches are currently being developed for the release 3.0 and 1.2.1
based products. The latest sendmail available from SCO, on Support Level
Supplement (SLS) net382d, is also vulnerable. 

Contacts for further information:

e-mail: support@sco.COM

USA, Canada, Pacific Rim, Asia, Latin America 
6am-5pm Pacific Daylight Time (PDT)
----------------------------------------------
1-408-425-4726  (voice)
1-408-427-5443  (fax)

Europe, Middle East, Africa: 9am-5:30pm British Standard Time (BST)
-------------------------------------------------------------------
+44 (0)923 816344 (voice)
+44 (0)923 817781 (fax)


--------------------
Sequent Computer Systems

Sequent customers should contact Sequent Customer Service and request the
Fastpatch for sendmail.

phone: 1-800-854-9969.
e-mail: service-question@sequent.com


--------------------
Silicon Graphics, Inc.

At the time of writing of this document, patches/binaries are planned for 
IRIX versions 4.x, 5.2, 5.3, 6.0, and 6.0.1 and will be available to all 
SGI customers.

The patches/binaries may be obtained via anonymous ftp (ftp.sgi.com) or
from your support/service provider.

On the anonymous ftp server, the binaries/patches can be found in 
either ~ftp/patches or ~ftp/security directories along with more 
current pertinent information.

For any issues regarding this patch, please, contact your support/service
provider or send email to cse-security-alert@csd.sgi.com.


--------------------
Sony Corporation

        NEWS-OS 6.0.3   vulnerable; Patch SONYP6022 [sendmail] is available.
        NEWS-OS 6.1     vulnerable; Patch SONYP6101 [sendmail] is available.
        NEWS-OS 4.2.1   vulnerable; Patch 0101 [sendmail-3] is available.
                        Note that this patch is not included in 4.2.1a+.

        Patches are available via anonymous FTP in the
        /pub/patch/news-os/un-official directory on
        ftp1.sony.co.jp [202.24.32.18]:

        4.2.1a+/0101.doc        describes about patch 0101 [sendmail-3]
        4.2.1a+/0101_C.pch      patch for NEWS-OS 4.2.1C/a+C
        4.2.1a+/0101_R.pch      patch for NEWS-OS 4.2.1R/RN/RD/aRD/aRS/a+R

        6.0.3/SONYP6022.doc     describes about patch SONYP6022 [sendmail]
        6.0.3/SONYP6022.pch     patch for NEWS-OS 6.0.3

        6.1/SONYP6101.doc       describes about patch SONYP6101 [sendmail]
        6.1/SONYP6101.pch       patch for NEWS-OS 6.1

        Filename                BSD             SVR4
                                Checksum        Checksum
        --------------          ---------       ---------
        4.2.1a+/0101.doc        55361 2         19699 4
        4.2.1a+/0101_C.pch      60185 307       25993 614
        4.2.1a+/0101_R.pch      35612 502       31139 1004
        6.0.3/SONYP6022.doc     03698 2         36652 4
        6.0.3/SONYP6022.pch     41319 436       20298 871
        6.1/SONYP6101.doc       40725 2         3257 3
        6.1/SONYP6101.pch       37762 434       4624 868

        MD5 checksums are:
        MD5 (4.2.1a+/0101.doc) = c696c28abb65fffa5f2cb447d4253902
        MD5 (4.2.1a+/0101_C.pch) = 20c2d4939cd6ad6db0901d6e6d5ee832
        MD5 (4.2.1a+/0101_R.pch) = 840c20f909cf7a9ac188b9696d690b92
        MD5 (6.0.3/SONYP6022.doc) = b5b61aa85684c19e3104dd3c4f88c5c5
        MD5 (6.0.3/SONYP6022.pch) = 1e4d577f380ef509fd5241d97a6bcbea
        MD5 (6.1/SONYP6101.doc) = 62601c61aef99535acb325cf443b1b25
        MD5 (6.1/SONYP6101.pch) = 87c0d58f82b6c6f7811750251bace98c

If you need further information, contact your vendor.

--------------------
Solbourne

Grumman System Support Corporation now performs all Solbourne
software and hardware support. Please contact them for further
information.

        e-mail: support@nts.gssc.com       
        phone: 1-800-447-2861

--------------------
Sun Microsystems, Inc.

Sun has developed patches for all supported platforms and architectures,
including Trusted Solaris, Solaris x86, and Interactive Unix. Note that Sun no
longer supports the sun3 architecture and versions of the operating system
that precede 4.1.3.

Current patches are listed below.

         OS version      Patch ID    Patch File Name
         ----------      ---------   --------------- 
         4.1.3           100377-19   100377-19.tar.Z
         4.1.3_U1        101665-04   101665-04.tar.Z
         5.3             101739-07   101739-07.tar.Z
         5.4             102066-04   102066-04.tar.Z
         5.4_x86         102064-04   102064-04.tar.Z


The patches can be obtained from local Sun Answer Centers and through
anonymous FTP from ftp.uu.net in the /systems/sun/sun-dist directory. In
Europe, the patches are available from mcsun.eu.net in the /sun/fixes
directory.

The patches are also available through the usual URL on World Wide Web.

Sun is issuing Security Bulletin #129 with details on February 22;
the patches will become available worldwide during the 24 hours to
follow.



Appendix B:  Sendmail Wrapper
=============================

This wrapper can be used to improve security until you can install a vendor
patch or sendmail version 8.6.10. Note that it does not address all known
sendmail vulnerabilities.

/*
**  sendmail_wrapper.c - wrap sendmail to prevent newlines in command line
**                       and clean up the environment.
**
**  Authors:    Eric Halil, Danny Smith
**              AUSCERT
**              c/o Prentice Centre
**              The University of Queensland
**              Qld.  4072.
**              Australia
**              22-Feb-1995
**
**  Disclaimer:  The use of this program is at your own risk.  It is 
**               designed to combat a particular vulnerability, and may
**               not combat other vulnerabilities, either past or future.
**               The decision to use this program is yours, as are the
**               consequences of its use.
**
**               This program is designed to be an interim relief measure
**               until appropriate patches can be obtained from your vendor.
**
**  Installation instructions
**  =========================
**
**  1.  su to root.
**
**  2.  Determine the location of sendmail.  On SunOS and Ultrix
**      systems, it is located in the /usr/lib directory.  On BSDI
**      systems, it is located in the /usr/sbin directory.  For example
**      purposes only, /usr/lib will be used in the following instructions
**      steps.
**
**  3.  Copy the sendmail program to sendmail.real.  Change the permissions
**      on the copy of sendmail.
**
**              # cd /usr/lib
**              # cp sendmail sendmail.real
**              # chmod 0700 sendmail.real
**
**  4.  Determine the permissions, owner, and group of sendmail.  This
**      information will be used later.
**
**      For BSD users:
**              # ls -lg sendmail
**      For System V users:
**              # ls -l sendmail
**
**  5.  Edit this wrapper program and define REAL_SENDMAIL.  By default,
**      REAL_SENDMAIL is defined as "/usr/lib/sendmail.real".
**
**  6.  Compile this program in a directory other than /usr/lib.  For
**      example to use /tmp, first copy this file into /tmp.
**
**              # cd /tmp
**              # cc -O -o sendmail sendmail_wrapper.c
**
**  7.  Copy this new wrapper program into the directory containing sendmail.
**      Make sure this directory and its parent directories are protected so
**      only root is able to make changes to files in the directory.  This
**      will replace the existing sendmail.  The following steps should be
**      executed quickly.
**
**      Users will not be able to send e-mail during the time when the
**      wrapper is copied into place until the chmod command has been
**      executed.  Use the information from step #4 and set the permissions
**      owner, and group of the new sendmail.
**
**              # cp sendmail /usr/lib/sendmail
**              # cd /usr/lib
**              # chown root sendmail
**              # chmod 4511 sendmail
**
**  8.  Kill the running sendmail process and start the new sendmail.
**
**      For SunOS and Ultrix:
**              # kill -9 `head -1 /etc/sendmail.pid`
**              # /usr/lib/sendmail -bd -q1h
**
**      For BSDI:
**              # kill -9 `head -1 /var/run/sendmail.pid`
**              # /usr/sbin/sendmail -bd -q1h
**
**      For other systems, follow your vendors guidelines or use the
**      following command.  Kill the processes and start the new sendmail.
**              # ps -auxw | grep sendmail | grep -v grep
**              # kill -9 (process id numbers)
**              # ./sendmail -bd -q1h
**
**  9.  Test that mail still works.

** Version 1.1  22-Feb-1995.
*/

#include <stdio.h>

/*
**      REAL_SENDMAIL needs to be defined using the full pathname
**      of the real sendmail.  A few known locations have been defined.
*/

#ifdef sun
#define REAL_SENDMAIL   "/usr/lib/sendmail.real"
#endif

#ifdef ultrix
#define REAL_SENDMAIL   "/usr/lib/sendmail.real"
#endif

#if defined (__bsdi__) || defined(__386BSD__) || defined(__FreeBSD__) || defined(__NetBSD__)

#define REAL_SENDMAIL   "/usr/sbin/sendmail.real"
#endif

int main( argc, argv, envp)
int     argc;
char    *argv[];
char    *envp[];
{
    char        *cp;
    int         i;
    int         j;
    int         status;

/*
**  Ensure that there are no newlines in the arguments
*/
    for ( i = 1; i < argc; i++)
    {
        for ( cp = argv[ i]; *cp != '\0'; cp++)
        {
            if ( ( *cp == '\r') || ( *cp == '\n'))
            {
                *cp = ' ';
            }
        }
    }

/*
**  While we are at it, let's clean up the environment
**  Remove LD_*, IFS, and PATH enviroment variables before execing
*/
    i = 0;
    while( envp[ i] != NULL)
    {
        if ( strncmp( envp[ i], "LD_", 3) == 0)
        {
            j = i;
            while ( envp[ j] != NULL)
            {
                envp[ j] = envp[ j + 1];
                j++;
            }
            continue;
        }
        if ( strncmp( envp[ i], "IFS=", 4) == 0)
        {
            j = i;
            while ( envp[ j] != NULL)
            {
                envp[ j] = envp[ j + 1];
                j++;
            }
            continue;
        }
        if ( strncmp( envp[ i], "PATH=", 5) == 0)
        {
            j = i;
            while ( envp[ j] != NULL)
            {
                envp[ j] = envp[ j + 1];
                j++;
            }
            continue;
        }
/*
**  Now check for newlines in environment variables
*/
        for ( cp = envp[ i]; *cp != '\0'; cp++)
        {
            if ( ( *cp == '\r') || ( *cp == '\n'))
            {
                *cp = ' ';
            }
        }
/*
**  next environment variable
*/
        i++;
    }

/*
** exec the real sendmail now
*/
    status = execve( REAL_SENDMAIL, argv, envp);
    perror( "execve sendmail");
    return( status);
}



TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2024 AOH