rvim
Jeff Kennedy
jlkennedy at amcc.com
Tue Jun 25 09:33:52 EDT 2002
Overwriting a file is less of a concern (I have backups and they would
be fired). The real issue is getting a root shell, with all the
priveledge it provides. As long as they can *only* edit files and not
break out into an open root environment then I'm ok with that.
Thanks for the idea though. I think I might write a wrapper that they
use for rvim; something like 'jumpstart_edit' where jumpstart_edit is
just a script where they can choose which file to edit with rvim. They
run the script as themselves and once a file is chosen it runs 'sudo
rvim <file>'. Think that would work?
~JK
"King, Daniel" wrote:
>
> rvim, and even rview will allow writing out files - any file on the system if they are executed as root. Are you more concerned about malice or stupidity?
>
> malice == :w!/dev/dsk/xxxx
>
> A. Daniel King, System Analyst
> Fiserv - Atlanta Center
> 1475 Peachtree Street, NE - Suite 700
> Atlanta, GA 30309
> 404-873-2851 x2034
>
> -----
> Date: Mon, 24 Jun 2002 07:41:22 -0700
> From: "Jeff Kennedy" <jlkennedy at amcc.com>
> Organization: AMCC
> To: Sudo List <sudo-users at courtesan.com>
> Subject: rvim
>
> I wanted to get some confirmation that I'm not missing anything. We
> want interns to be able to edit certain files like hosts and ethers but
> obviously do not want them to have any root capability. With 'sudo vi'
> they have the ability to execute shell commands as root or simply break
> out into a root shell.
>
> Using rvim I was unable to do the above-mentioned things but wanted to
> make sure I'm not missing a gotcha. No ':!' commands were allowed nor
> was a shell escape.
>
> Anything else I might be missing? Not counting root shell scripts that
> -----
>
> ____________________________________________________________
> sudo-users mailing list <sudo-users at sudo.ws>
> For list information, options, or to unsubscribe, visit:
> http://www.sudo.ws/mailman/listinfo/sudo-users
--
=====================
Jeff Kennedy
Unix Administrator
AMCC
jlkennedy at amcc.com
More information about the sudo-users
mailing list