Clarify that executable has to be a full path

author: Drew DeVault <sir@cmpwn.com> 2016-12-02 10:32:08 -0500
committer: Drew DeVault <sir@cmpwn.com> 2016-12-02 10:32:08 -0500
commit: 0c8dc0e6dfbd9272bc22b5476259cd68a1fab35c (patch)
tree: 86f902be50c41fde4459bdf2bfd61b3ade1099e5 /sway/sway-security.7.txt
parent: Soften up environment security (diff)
download: sway-0c8dc0e6dfbd9272bc22b5476259cd68a1fab35c.tar.gz
sway-0c8dc0e6dfbd9272bc22b5476259cd68a1fab35c.tar.zst
sway-0c8dc0e6dfbd9272bc22b5476259cd68a1fab35c.zip
1 files changed, 4 insertions, 2 deletions
diff --git a/sway/sway-security.7.txt b/sway/sway-security.7.txt
index ec11f10b..a1ed9e32 100644
--- a/sway/sway-security.7.txt
+++ b/sway/sway-security.7.txt
@@ -104,11 +104,13 @@ access:
 **permit** <executable> <features...>::
        Permits <executable> to use <features> (each feature seperated by a space).
-        <executable> may be * to affect the default policy.
+        <executable> may be * to affect the default policy, or the full path to the
+        executable file.
 **reject** <executable> <features...>::
        Disallows <executable> from using <features> (each feature seperated by a space).
-        <executable> may be * to affect the default policy.
+        <executable> may be * to affect the default policy, or the full path to the
+        executable file.
 Note that policy enforcement requires procfs to be mounted at /proc and the sway
 process to be able to access _/proc/[pid]/exe_ (see **procfs(5)** for details on
author	Drew DeVault <sir@cmpwn.com>	2016-12-02 10:32:08 -0500
committer	Drew DeVault <sir@cmpwn.com>	2016-12-02 10:32:08 -0500
commit	0c8dc0e6dfbd9272bc22b5476259cd68a1fab35c (patch)
tree	86f902be50c41fde4459bdf2bfd61b3ade1099e5 /sway/sway-security.7.txt
parent	Soften up environment security (diff)
download	sway-0c8dc0e6dfbd9272bc22b5476259cd68a1fab35c.tar.gz sway-0c8dc0e6dfbd9272bc22b5476259cd68a1fab35c.tar.zst sway-0c8dc0e6dfbd9272bc22b5476259cd68a1fab35c.zip