Inspired by netblue30/firejail#5525.
The sandbox is very restrictive (whitelisting type) and in my preliminary tests everything seems to be working as expected. There is one (minor) glitch though. It concerns the `dead.letter` file that MTAs produce when something went wrong in processing mail requests, which is a good thing. Using the `mkfile ${HOME}/dead.letter` option in `ssmtp.profile`, that file is _always_ created in the filesystem, regardless of the processing being successful or not. Having the choice between (1) creating a weaker sandbox (by ditching the whitelisting and avoiding the potential false positive) and (2) a more hardened sandbox, I opted for the latter. If you happen to create a shell wrapper to sandbox ssmtp via Firejail anyway, it's only a few extra lines to check for a zero-sized `${HOME}/dead.letter` file and remove it after ssmtp is done. See the provided `ssmtp` file for an example.
NOTES:
The `restricted-namespaces` option is currently not available in
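A wrapper along the lines described above, written here as an added example and not the `ssmtp` file shipped with this PR; it assumes the real binary lives at `/usr/sbin/ssmtp` and that Firejail selects `ssmtp.profile` from the binary's name:

```shell
#!/bin/sh
# Added example (not the PR's own wrapper): run ssmtp under its Firejail
# profile, then drop the empty dead.letter that `mkfile` always creates.

# Remove the given dead.letter only when it exists AND is zero-sized.
# A non-empty dead.letter is a genuine failure record and must be kept.
# Returns 0 if a file was removed, 1 otherwise.
cleanup_dead_letter() {
    f="${1:-$HOME/dead.letter}"
    if [ -f "$f" ] && [ ! -s "$f" ]; then
        rm -f -- "$f"
        return 0
    fi
    return 1
}

# Sandbox ssmtp with Firejail (assumed path /usr/sbin/ssmtp so that a
# wrapper installed as "ssmtp" earlier in PATH does not call itself),
# then clean up the placeholder file. ssmtp's own exit status is preserved.
run_ssmtp_sandboxed() {
    firejail /usr/sbin/ssmtp "$@"
    rc=$?
    cleanup_dead_letter "$HOME/dead.letter"
    return "$rc"
}

# Only act as a wrapper when invoked with mail arguments.
if [ "$#" -gt 0 ]; then
    run_ssmtp_sandboxed "$@"
fi
```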