commands can start with ./* not just /* -- fixes a serious security hole.

author Todd C. Miller <Todd.Miller@courtesan.com>

Tue, 13 Jan 1998 04:10:08 +0000 (04:10 +0000)

committer Todd C. Miller <Todd.Miller@courtesan.com>

Tue, 13 Jan 1998 04:10:08 +0000 (04:10 +0000)
author Todd C. Miller <Todd.Miller@courtesan.com>
Tue, 13 Jan 1998 04:10:08 +0000 (04:10 +0000)
committer Todd C. Miller <Todd.Miller@courtesan.com>
Tue, 13 Jan 1998 04:10:08 +0000 (04:10 +0000)
diff --git a/parse.c b/parse.c

index c92f91290b31f130b7f8bc7f9f4fa1e1f97a3715..5e90c52b1490e1370dcb34eab32350315eb35ba9 100644 (file)
--- a/parse.c
+++ b/parse.c
@@ -218,7 +218,7 @@ int command_matches(cmnd, user_args, path, sudoers_args)
      static char *c;
  
      /* don't bother with pseudo commands like "validate" */
-    if (*cmnd != '/')
+    if (*cmnd != '/' && *cmnd != '.')
         return(FALSE);
  
      /* only need to stat cmnd once since it never changes */
author	Todd C. Miller <Todd.Miller@courtesan.com>
	Tue, 13 Jan 1998 04:10:08 +0000 (04:10 +0000)
committer	Todd C. Miller <Todd.Miller@courtesan.com>
	Tue, 13 Jan 1998 04:10:08 +0000 (04:10 +0000)