[prev in list] [next in list] [prev in thread] [next in thread]
List: sudo-users
Subject: Re: [sudo-users] Request for feedback: regular expressions in sudoers
From: Leigh Brown <leigh () solinno ! co ! uk>
Date: 2012-12-14 14:36:25
Message-ID: 45e356731d0c1cc214a89b6e6b72f463 () doppler ! thel33t ! co ! uk
[Download RAW message or body]
Hi Todd,
On 2012-12-11 18:18, Todd C. Miller wrote:
> I'm planning to include support for regular expression matching of
> commands in the next sudo release. This is something I've wanted
> to do for over ten years. Most likely this would use the pcre
> library to support perl-compatible regular expressions.
>
> One of the main stumbling blocks has been the matter of how to
> specify the regex in the sudoers file. There are two options I've
> been thinking about, but perhaps you all come up with better ones.
[...]
This might be worth considering, the only problem is parsing might be
a bit tricky. The idea is to use the TAG: syntax, like so:
millert ALL=ALL REGEX:^/usr/bin/passwd [A-Za-z][A-Za-z0-9]*$,
!/usr/bin/passwd root
The regular expression is terminated by end of line or a comma (so
commas
would need to be quoted).
Regards,
Leigh.
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic