Description

Type list READ/WRITE

pmshell_forbid contains a list of regular expressions loaded on startup by the Privilege Manager for Sudo shell programs: pmsh, pmcsh, pmksh, and pmbash. The list may contain regular expressions.

Any command entered by the user during the shell session, that matches one of these expressions, will be forbidden without any further authorization by the pmmasterd, and will not be logged as an event. All shell subcommands are matched with this list before checking the allowed list. By default, the variable contains an empty list.

Example
pmshell_forbid = {"kill","passwd"};