Réf. : restrict write access to a directory

steve.bernier at desjardins.com steve.bernier at desjardins.com
Tue Jun 26 14:56:27 EDT 2001


Don't do that.

The user could:

sudo /usr/bin/vi /home/jack/tc_config/../../../etc/passwd.

or he could edit a new file while in vi itself (:e /etc/passwd).

vi should never be allowed in sudo (:! let the user execute a command, etc), unless you create a personnalized vi (ie recompile).

Steve




"bee cee" <beecee101 at hotmail.com>@courtesan.com on 2001-06-26 08:37:58

Envoyé par :   sudo-users-admin at courtesan.com


Pour :    sudo-users at courtesan.com
cc :
Objet :   restrict write access to a directory


Hi,

How can I restrict edit (vi access) to files in a particular directory for
a user.

Is this correct..

tempuser        devhost=(root) /usr/bin/vi /home/jack/tc_config/*


I am unable to test this, since this one is a production box and am
not sure if this entry will screw up anything.

Appreciate your help in advance.

Thanks.
_________________________________________________________________
Get your FREE download of MSN Explorer at http://explorer.msn.com

____________________________________________________________
sudo-users mailing list <sudo-users at courtesan.com>
For list information, options, or to unsubscribe, visit:
http://www.courtesan.com/mailman/listinfo/sudo-users








More information about the sudo-users mailing list