Chat now with support
Chat with Support

Safeguard for Sudo 7.1.1 - Administration Guide

Introducing Safeguard for Sudo Planning Deployment Installation and Configuration Upgrade Safeguard for Sudo System Administration Managing Security Policy Administering Log and Keystroke Files Troubleshooting Safeguard Variables Safeguard programs Installation Packages Unsupported Sudo Options Safeguard for Sudo Policy Evaluation

pmshell_forbid

Description

Type list READ/WRITE

pmshell_forbid contains a list of regular expressions loaded on startup by the Privilege Manager for Unix shell programs: pmsh, pmcsh, pmksh, and pmbash. The list may contain regular expressions.

Any command entered by the user during the shell session, that matches one of these expressions, will be forbidden without any further authorization by the pmmasterd, and will not be logged as an event. All shell subcommands are matched with this list before checking the allowed list. By default, the variable contains an empty list.

Example
pmshell_forbid = {"kill","passwd"};
Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating