From ab9b352455ccbb9a1d2d0ab21bb76680d8f6f73d Mon Sep 17 00:00:00 2001
From: "Todd C. Miller" <Todd.Miller@courtesan.com>
Date: Tue, 13 Jan 1998 04:10:08 +0000
Subject: [PATCH] commands can start with ./* not just /* -- fixes a serious
 security hole.

---
 parse.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/parse.c b/parse.c
index c92f91290..5e90c52b1 100644
--- a/parse.c
+++ b/parse.c
@@ -218,7 +218,7 @@ int command_matches(cmnd, user_args, path, sudoers_args)
     static char *c;
 
     /* don't bother with pseudo commands like "validate" */
-    if (*cmnd != '/')
+    if (*cmnd != '/' && *cmnd != '.')
 	return(FALSE);
 
     /* only need to stat cmnd once since it never changes */
-- 
2.40.0