system_settings_system_wide_preferences_configure.yaml is missing full path to security binary

[RomanTatar-wandera]

Summary

system_settings_system_wide_preferences_configure.yaml in sonoma branch is missing full path to security binary

Steps to reproduce

    if [[ $(security -q authorizationdb read "$section" | /usr/bin/xmllint -xpath '//*[contains(text(), "group")]/following-sibling::*[1]/text()' - ) != "admin" ]]; then
      result="0"
    fi

macos_security/rules/system_settings/system_settings_system_wide_preferences_configure.yaml

Line 14 in 8d3ac52

if [[ $(security -q authorizationdb read "$section" | /usr/bin/xmllint -xpath '//*[contains(text(), "group")]/following-sibling::*[1]/text()' - ) != "admin" ]]; then

What is the current bug behavior?

Without full path attacker can put earlier into path different security binary
Instead of intended file will be executed mallicious binary
Code execution

What is the expected correct behavior?

On line 14 security -q should be /usr/bin/security -q