Preventing unsafe path navigation

When defining command rights, you should consider whether the command or any of the allowed command arguments could be exploited to perform unauthorized operations. One way command arguments can be exploited is to allow navigation up the path hierarchy. To prevent command arguments from allowing unsafe navigation up a path hierarchy, you can select the Prevent navigation up a path hierarchy. For example, if a command right allows a user to execute a command such as vi /etc/httpd/conf/* without this option, the right could be exploited by specifying a command argument that navigates up a path hierarchy to perform an unauthorized operation. In this case, the right might be used to edit any file as the root user by specifying a relative path as a command-line argument.

vi /etc/httpd/conf/../../shadowpass

You can avoid this potential security risk by disabling upward path navigation for command arguments, if needed. Note that this setting is only supported in hierarchical zones and is only applicable for glob command rights.