On Tue, Jan 21, 2003 at 12:25:35PM +0100, martin f krafft wrote: > when I allow something like this in sudo: > > /usr/bin/tail /var/log/* > > I allow read-access to all of /var/log. However, I also allow read > access to /etc/shadow: > > /usr/bin/tail /var/log/../../etc/shadow > > does work. How can I best restrict that? I've tried /usr/bin/tail/[^.]* mfg, Stephen Rüger -- Jede Nation spottet über die andere, und alle haben recht. -- Schopenhauer
Attachment:
pgp0ceTUqDlIx.pgp
Description: PGP signature