blob: 362370981fa57c3eff852cc70a01a00672bd6d8a (
plain)
1
2
3
4
5
6
7
8
|
# Rules for when we're running as another user.
# Only 'deny' things which are not allowed.
# If you 'allow' then it will allow the actual operation, not just
# fail to deny the fact that it's 'as' someone else.
define as_is_admin as_group gitano-admin
deny "You may not run things as another user unless you are an admin" !as_is_admin
|
