suedit [was: Re: visudo enhancement to edit-syntax-check arbitrary files ]

[William R. Ward]

Bob Proulx writes:
>> >Oh, you mean the "suedit" idea.  Sorry, yes, I was confused by
>> >the mail Subject here.  I don't object to the idea of "suedit",
>> >though I'm not sure whether or not it should really be part of
>> >visudo or a separate program/script.
>> >
>> >But it will have to wait until after sudo 1.6.4 is out.
>> 
>> It's a pretty major change, so I can appreciate that you would not
>> release it without some serious thought.
>
>I rather liked the idea of a "helper" program, which would give up
>superuser access to become a non-privileged user for spawning subtasks
>in general, and then resume root afterward.  I can't think of anything
>right now but if that was general purpose then other needs than just
>editing files would present themselves.  I would not limit it to just
>editing files.
>
>I would not modify sudo in any way.  IMNHO this should be a separate
>utility.  Keep the design modular and each program focused on what it
>does best.  Creeping features and code bloat lead to undiscovered bugs
>which in turn cause security issues when dealing with suid programs.

The reason why I would recommend modifying sudo is to allow the
sudoers file to more easily configure such actions.  This way you can
add "Edit_Alias" entries instead of some rather complex "Cmnd_Alias"
options; just list the filenames that the users are allowed to edit.

Maybe there is some value in making this functionality be a specific
instance of the "helper" program you describe, so that it can be used
for more general things.  However, the sudoers syntax could get even
more hairy in that case.

--Bill.

-- 
William R Ward            bill at wards.net          http://www.wards.net/~bill/
-----------------------------------------------------------------------------
     If you're not part of the solution, you're part of the precipitate.