sudo and editor

cmeo at lendtech.com.au cmeo at lendtech.com.au
Thu Apr 19 19:01:35 EDT 2001 

> 
> Message: 1
> From: "john ctr kelly" <john.ctr.kelly at faa.gov>
> Subject: question on parsing directory locations
> Date: Wed, 18 Apr 2001 14:15:30 -0400
> 
>      I am implementing sudo on a Linux system and I am having a problem =
> implementing vi.  I want to restrict access to a shell which I am able =
> to accomplish by using rvi but I can not (not sure if I can) restrict =
> access to certain directories for editing.

[snip]

> 
> Heikki,
> 
>      Thanks for your input, it works.  I must have done something wrong.
> Now I can see another problem that is problematic of using an editor.  Even
> though I can restrict the access to a directory etc when invoking rvi,  I
> cant stop them from writing out to a different file within rvi.  Do you have
> any thoughts on this or is this just a bad thing to do (include an editor)?

Sudo is most effective when used to extend the root privilege to users who 
may not have the skill to use the # prompt safely. A pre-programmed
editing task, e.g. some sort of script or program with some menu options,
would be better.

It might be worthwhile to have a think about what the user needs to achieve
with the editor and come up with another way of doing it than vi. E.g will 
a sed or awk script which prompts for a few values work?

I like to think of three layers of users when considering sudo:

operator: may not inspect system state, may change it but with no discretionary
control. Example: running backups. Sudo great here.

helpdesk: may inspect system state (e.g, use sudo to expose
system logs with a secure viewer) and change it with limited discretion.

Example: lpstat/cancel/lpadmin. Also good, with the added bonus of logging
these activities which may suggest the next round of things needing scripting.

administrator: may inspect and alter system state at will. # prompt. Abandon all
hope...

Control to this access is fairly futile at the operating system level. It 
is often achieved by restricted access to the superuser password and careful
logging of such access from an external point, if you care greatly about such
things.

Chuck

More information about the sudo-users mailing list