From ca83152ad95b41c9a3ba1c3cfc95ec3e32452d64 Mon Sep 17 00:00:00 2001
From: Florent Daigniere <nextgens@users.noreply.github.com>
Date: Sat, 5 Aug 2023 18:27:26 +0200
Subject: [PATCH] Update snuffleupagus.rules

---
 webmails/snuffleupagus.rules | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/webmails/snuffleupagus.rules b/webmails/snuffleupagus.rules
index b1d8b353..5e619a8a 100644
--- a/webmails/snuffleupagus.rules
+++ b/webmails/snuffleupagus.rules
@@ -73,8 +73,7 @@ sp.disable_function.function("system").param("command").value_r("[$|;&`\\n\\(\\)
 sp.disable_function.function("shell_exec").param("command").value_r("[$|;&`\\n\\(\\)\\\\]").drop();
 sp.disable_function.function("exec").param("command").value_r("[$|;&`\\n\\(\\)\\\\]").drop();
 # This is **very** broad but doing better is non-straightforward
-sp.disable_function.function("proc_open").param("command").value_r("^gpg ").allow();
-sp.disable_function.function("proc_open").param("command").value_r("^/usr/bin/gpg ").allow();
+sp.disable_function.function("proc_open").param("command").value_r("^(/usr/bin/)?gpg ").allow();
 sp.disable_function.function("proc_open").param("command").value_r("[$|;&`\\n\\(\\)\\\\]").drop();
 
 # Prevent runtime modification of interesting things