Summary:Sudo access and vi

From: MADHU BARKUR <madhu_barkur_at_yahoo.com>
Date: Thu Aug 30 2001 - 14:23:20 EDT
 The bottom line is sudo cannot control the child
process from "vi". Some pointed to use ACL to change
the permission on files. This cannot be used on
dynamically created files, which needs to be edited.

some pointed out in security threat in editing the
/etc/passwd /.profile files as command line arguments
on /usr/bin/vi. But fortunately these will be reported
in SUDO log file and which will be monitored
continuously.

Few suggested to use "pico" instead of "vi" ,
unfortunately users are not ready to learn the new
editor.

I have end up with two options:

1) create a cron job to use setfacl on newly created
files 
2) recompile VIM to remove the shell mode or file edit
mode.

Thanks for

John T. Douglass
Benjamin L. Kelley
Scott McCool <smmccool@aethersystems.com> 
Tim Wort tim@pobox.com
"Jonathan A. Zdziarski" jonathan@cafejesus.com
Jed Dobson jed@wgtech.com
"Matthew Stier" Matthew.Stier@fnc.fujitsu.com
Jay Lessert jayl@accelerant.net
"Kevin M. Korb" kmk@sanitarium.net
Bob Fulwiler bobf@swamp.ns.cs.boeing.com
Mortensen

 for your suggestion.

Madhu B.

__________________________________________________
Do You Yahoo!?
Get email alerts & NEW webcam video instant messaging with Yahoo! Messenger
http://im.yahoo.com
Received on Thu Aug 30 19:23:20 2001

This archive was generated by hypermail 2.1.8 : Wed Mar 23 2016 - 16:25:03 EDT