Dave Huang wrote:
FWIW, my interpretation of the manual ("Evaluates to true if the
system call argument is a subpath of cmdstring") agrees with Niels. It
doesn't say "subdirs," it says "subpath." "/usr" is a subpath of
"/usr/home/elad", in the sense of being a substring. However, it's not
a subdirectory. The term "subpath" is a bit confusing though. Perhaps
the term "parent path" is better?
I modified the way it works based on a PR. I also believe that it makes much more sense to have "inpath" working as a function of directory hierarchy and not substrings. I'd expect people who had their policies broken report this sooner than a month and a half after the commit.. but oh well. I'll revert the change. -e. -- Elad Efrat PGP Key ID: 0x666EB914