[sudo-users] sudoedit option to edit stdin or other file descriptor

[ronan at rjp.ie]

Hi sudoers,

I'm wondering if you think there would be any utility in a sudoers option that passes files by open file descriptor on stdin or another fd. Some editors like vim have the ability to edit from stdin with invocations like 'vim -'. The advantage I see here is that it may be preferable not to create a user-owned copy of files the user would not normally have read permission for, which could help to not accidentally leak the content to other user processes reading /var/tmp or even just /proc/pid/fd/<fd>.

I realize that isn't really sudo's security model, and it's not really our responsibility to protect against a malicious user process, but it still seems like it could be useful. I can forsee, for example, how a non-malicious but naive script looking for specific filename prefixes in /tmp could even accidentally be reading privileged files if the user uses sudoedit, since the tmp filename is derived directly from the original filename.

Cheers,
Ronan