restrict write access to a directory
John E Hein at work
jhein at timing.com
Tue Jun 26 10:26:30 EDT 2001
bee cee wrote at 08:37 -0400 on Jun 26:
> How can I restrict edit (vi access) to files in a particular directory for
> a user.
> Is this correct..
> tempuser devhost=(root) /usr/bin/vi /home/jack/tc_config/*
short answer... no
Ignoring some of the syntactic details of the above partial sudoers
entry for the moment...
As someone said earlier in a different thread, sudoer's *'s are not the
same as shell globbing.
Furthermore, there's not much point in pursuing this exact path...
for instance, how do you plan to prevent them from doing ':w' once in vi?
Or as in another recent thread... preventing vi's ! side effects.
More information about the sudo-users