1 |
On Sun, 2006-11-12 at 05:54 -0500, Mike Frysinger wrote: |
2 |
> in the example usages you cited, people where using `sudo` to just |
3 |
> avoid running `su -` first ... in other words, their sudo was |
4 |
> unlimited ... updating the sudoers file to allow EDITOR via env_keep |
5 |
> would work fine for them |
6 |
> |
7 |
> in that scenario, running any app via EDITOR is not a concern as they |
8 |
> already have the ability to run any command |
9 |
|
10 |
That is right. And I've already raised concerns about this approach in |
11 |
my mail: |
12 |
http://thread.gmane.org/gmane.linux.gentoo.devel/44218/focus=44238 |
13 |
|
14 |
And that is not an answer on question I've asked in this sub-thread: |
15 |
|
16 |
Do you know any way *how* to specify "safe" editors list inside sudoers? |
17 |
|
18 |
I've spent some time and did not found how can I force sudo to edit |
19 |
files with only known editors inside EDITOR. env_keep just keep env |
20 |
variable and does not allow to specify "safe" editors list. I suppose |
21 |
that this is impossible. |
22 |
|
23 |
Or... what do you mean by that: |
24 |
"the sudo file has the ability to specify editor's, so why not tell |
25 |
people to change their sudo config file ?" |
26 |
|
27 |
English is not my native language thus may be I just misunderstood your |
28 |
idea here. Sorry. |
29 |
|
30 |
Peter. |