Years ago, when sendmail was new, and people didn't go around cracking
into systems, because most of the time, they'd give you a shell account if
you asked, sendmail was able to run programs on the target machine.
I was wondering - if it could be done securely, would it be something
that would be useful these days ?
For example;
Send a mail to a "cron" user, asking it to setup a cron job for such a
user - like start downloading RedHat 8.0 ISOs which were released
when you were at home
Send a mail to "services" asking it start up sshd, so you could SSH in
from home.
Send a mail in to exec a program of your choice, and mail you back the
output. Hey, you could write a shell around this...
Send a mail asking for a "status" (uptime, load, number of users).
Send a mail asking for a file - so the file agent would send you a
reply, with the file attached (memories of "mail FTP"...).
Dead handy for getting around firewalls etc, or when you are on a machine
that you don't have access to SSH on. However, security would be a
problem. Would it be sufficent to have an /etc/mail_proxy_users,
containing the GPG public keys of those allowed to run commands (and of
course, mails would have to be verified first) ?
Kate
--
_______________________________________
John Looney Chief Scientist
a n t e f a c t o t: +353 1 8586004
www.antefacto.com f: +353 1 8586014
Maintained by the ILUG website team. The aim of Linux.ie is to
support and help commercial and private users of Linux in Ireland. You can
display ILUG news in your own webpages, read backend
information to find out how. Networking services kindly provided by HEAnet, server kindly donated by
Dell. Linux is a trademark of Linus Torvalds,
used with permission. No penguins were harmed in the production or maintenance
of this highly praised website. Looking for the
Indian Linux Users' Group? Try here. If you've read all this and aren't a lawyer: you should be!
