My first contact with this config file. If I properly understand its purpose I think the comment section has an error.
# If a program and symbolic name is not listed, then the # # configured binary is allowed to be run as root. # Shouldn't that be "binary is NOT allowed" ? If I'm correct, then perhaps a better change would be to delete the "not" in the first line. That would signal the security effect of listing a program. This is from a version 3.3.9 Fedora package. Jon -- Jon H. LaBadie j...@jgcomp.com 11226 South Shore Rd. (703) 787-0688 (H) Reston, VA 20190 (703) 935-6720 (C)
