Re: Réf. : restrict write access to a directory

Rich Dempsey dempsey at kodak.com
Thu Jun 28 09:24:37 EDT 2001 

The user can copy the file to his home directory, edit it there, and
copy it back to the system directory.

Better, the user can check it out of a source code management
system, such as CVS, edit it, and check it back in, and install to
production from the repository.

Rich

At 08:49 AM 06/28/2001 -0400, bee cee wrote:

>Is there any other way to allow user to edit the config files in a
>directory?
>
>Thanks
>
>>From: steve.bernier at desjardins.com
>>To: beecee101 at hotmail.com
>>CC: sudo-users at courtesan.com
>>Subject: Réf. : restrict write access to a directory
>>Date: Tue, 26 Jun 2001 14:56:27 -0400
>>
>>
>>Don't do that.
>>
>>The user could:
>>
>>sudo /usr/bin/vi /home/jack/tc_config/../../../etc/passwd.
>>
>>or he could edit a new file while in vi itself (:e /etc/passwd).
>>
>>vi should never be allowed in sudo (:! let the user execute a command, etc), unless you create a personnalized vi (ie recompile).
>>
>>Steve
>>
>>
>>
>>
>>"bee cee" <beecee101 at hotmail.com>@courtesan.com on 2001-06-26 08:37:58
>>
>>Envoyé par :   sudo-users-admin at courtesan.com
>>
>>
>>Pour :    sudo-users at courtesan.com
>>cc :
>>Objet :   restrict write access to a directory
>>
>>
>>Hi,
>>
>>How can I restrict edit (vi access) to files in a particular directory for
>>a user.
>>
>>Is this correct..
>>
>>tempuser        devhost=(root) /usr/bin/vi /home/jack/tc_config/*
>>
>>
>>I am unable to test this, since this one is a production box and am
>>not sure if this entry will screw up anything.
>>
>>Appreciate your help in advance.
>>
>>Thanks.
>>_________________________________________________________________
>>Get your FREE download of MSN Explorer at http://explorer.msn.com
>>
>>____________________________________________________________
>>sudo-users mailing list <sudo-users at courtesan.com>
>>For list information, options, or to unsubscribe, visit:
>>http://www.courtesan.com/mailman/listinfo/sudo-users
>>
>>
>>
>>
>>
>>____________________________________________________________
>>sudo-users mailing list <sudo-users at courtesan.com>
>>For list information, options, or to unsubscribe, visit:
>>http://www.courtesan.com/mailman/listinfo/sudo-users
>
>_________________________________________________________________
>Get your FREE download of MSN Explorer at http://explorer.msn.com
>
>____________________________________________________________ sudo-users mailing list <sudo-users at courtesan.com>
>For list information, options, or to unsubscribe, visit:
>http://www.courtesan.com/mailman/listinfo/sudo-users

--

Richard C. Dempsey              email: dempsey at kodak.com
Kodak.com                       pager: 716-975-3539
3rd Floor, Bldg 16, KO          phone: 716-781-5232
Eastman Kodak Company
Rochester, NY 14650-0706

More information about the sudo-users mailing list