1 |
On Sun, Nov 12, 2006 at 04:56:33AM -0500, Mike Frysinger wrote: |
2 |
> On 11/12/06, Harald van Dijk <truedfx@g.o> wrote: |
3 |
> >On Sun, Nov 12, 2006 at 04:34:25AM -0500, Mike Frysinger wrote: |
4 |
> >> On 11/12/06, Peter Volkov (pva) <pva@g.o> wrote: |
5 |
> >> >The possible solution is to add virtual/editor ebuild |
6 |
> >> |
7 |
> >> this is a horrible idea |
8 |
> >> |
9 |
> >> why not modify sudo to not filter the EDITOR env var then there is no |
10 |
> >> more problem |
11 |
> > |
12 |
> >Except for a gaping security hole. |
13 |
> |
14 |
> pulling a ciaranm here huh ? if a guy has access to `sudo`, then |
15 |
> having a modified environment isnt going to make much difference |
16 |
|
17 |
sudo can be configured to only allow access to a select few applications. |
18 |
Allowing arbitrary EDITOR settings completely bypasses this. |
19 |
-- |
20 |
gentoo-dev@g.o mailing list |