Description

Type list READ/WRITE

pmshell_forbid contains a list of regular expressions loaded on startup by the Privilege Manager for Unix shell programs: pmsh, pmcsh, pmksh, and pmbash. The list may contain regular expressions.

Any command entered by the user during the shell session, that matches one of these expressions, will be forbidden without any further authorization by the pmmasterd, and will not be logged as an event. All shell subcommands are matched with this list before checking the allowed list. By default, the variable contains an empty list.

Example
pmshell_forbid = {"kill","passwd"};
Related Topics

pmshell

pmshell_restricted

pmshell_checkbuiltins

pmshell_cmd

pmshell_prog

pmshell_reject

pmshell_allow

pmshell_restricted