Nigel Metheringham edited this page Nov 29, 2012 · 2 revisions

Q0406


`Navigation(siblings)`_


Q0406

Question

Some of my users are using the .forward to pipe to a shell command which appends to the user's INBOX. How can I forbid this?

Answer

If you allow your users to run shells in pipes, you cannot control which commands they run or which files they write to. However, you should point out to them that writing to an INBOX by arbitrary commands is not interlocked with the MTA and MUAs, and is liable to mess up the contents of the file. If a user simply wants to choose a specific file for the delivery of messages, this can be done by putting a file name in a .forward file rather than using a pipe, or by using the save command in an Exim filter file. You can set forbid_pipe on the router, but that will prevent them from running any pipe commands at all. Alternatively, you can restrict which commands they may run in their pipes by setting the allow_commands and/or restrict_to_path options in the address_pipe transport.


Clone this wiki locally
You can’t perform that action at this time.
You signed in with another tab or window. Reload to refresh your session. You signed out in another tab or window. Reload to refresh your session.
Press h to open a hovercard with more details.