[sudo-users] Odd behaviour with filename wildcards
Todd C. Miller
Todd.Miller at courtesan.com
Fri Nov 26 13:42:20 EST 2004
The reason is that sudo use fnmatch() to do shell-style wildcard
matching which works on strings. In sudo 1.7 (and the current cvs
sources), the glob() routine will be used instead which does actually
read the directory looking for matches. There's no ETA on sudo 1.7
as it has not yet reached the beta state.
However, if all you want to do is to allow a user access to any
program in the directory /my/path, you should use "/my/path/" in
sudoers instead of "/my/path/*". Sudo has builtin support for
allowing all commands in a directory without the need for wildcards.
- todd
More information about the sudo-users
mailing list