vi and sudo
Allan.Marillier at dana.com
Allan.Marillier at dana.com
Wed Jun 5 12:47:10 EDT 2002
If you compile vim and set up your sudoers file so that the users can
access
only rvim, then yes, you're safe.
"Jeff Kennedy"
<jlkennedy at amcc. To: Allan.Marillier at dana.com
com> cc: tom.robinson at ehbas.com, sudo-users at sudo.ws,
gsaoutine at yahoo.com
06/05/02 09:17 Subject: Re: vi and sudo
AM
I know this is an old post but I have a question on this. Is Allan
saying that vim compiled for Solaris will allow file editing as root
*without* allowing a shell escape? So in essence I can allow interns to
add jumpstart clients by editing the RCS host file without worrying
about them breaking out and munging something else?
Thanks.
~JK
Allan.Marillier at dana.com wrote:
>
> vi on Linux is very often vim, which gives you the rvi
>
> You can go to http://www.vim.org and download the latest source
> for vim and compile it for any platform. I've built it with no trouble
> on HP-UX and AIX, and also use precompiled vim executables on
> my PC under Windows. (Adding some class and power to the OS!)
>
> vim also gives you a GUI environment if you want it (gvim) and has a
rgvim
> version as well, to give a restricted GUI vi.
>
> vim has a number of benefits over stock vi, including providing simple
> file locking - ensuring that two people don't vi the same file at the
same
> time
> and trash each other's changes.
>
> (No - I have nothing to do with the vim project - I just believe it's a
> very good
> vi implentation.)
>
>
> "Thomas
> Robinson" To: <sudo-users at sudo.ws>
> <tom.robinson@ cc:
> ehbas.com> Subject: RE: vi and sudo
> Sent by:
> sudo-users-adm
> in at sudo.ws
>
>
> 04/23/02 04:46
> AM
>
>
>
> > dear list,
> >
> > i am new to sudo and recently installed it on sun
> > solaris 2.6. when i open vi while acting in the sudo
> > context, vi still seems lets me execute shell commands
> > as root.
>
> I'm not sure about Solaris, but linux has /bin/rvi and /bin/rview which
> restrict the use of such things as executing shells from within an
> editing session.
>
> Tom
>
> This e-mail message is meant solely for the person or organisation to
whom
> it is adressed. The message may contain personal or confidential
> information, or information that is not public in nature. Ehbas Ltd
accepts
> no responsibility for message content and possible attachments that are
> unlawful or of questionable decency. Further dissemination, publication
or
> duplication of this message is strictly prohibited if the person or
> organisation receiving this message is not the intended recipient. In the
> event that you are not the intended recipient, we request you to refrain
> from using the content and to immediately inform the sender of the error
by
> returning the message. Thank you for your co-operation.
> ____________________________________________________________
> sudo-users mailing list <sudo-users at sudo.ws>
> For list information, options, or to unsubscribe, visit:
> http://www.sudo.ws/mailman/listinfo/sudo-users
>
> ____________________________________________________________
> sudo-users mailing list <sudo-users at sudo.ws>
> For list information, options, or to unsubscribe, visit:
> http://www.sudo.ws/mailman/listinfo/sudo-users
--
=====================
Jeff Kennedy
Unix Administrator
AMCC
jlkennedy at amcc.com
More information about the sudo-users
mailing list