On 28.02.2018 15:10, Ingo Schwarze wrote:
Hi,
Felix Maschek wrote on Wed, Feb 28, 2018 at 08:24:19PM +0100:
How would you prevent that something like 'doas vi /etc/fstab'
(which
will run as root) doesn't offer the user to enter a root shell
within vi
(by typing '.sh')?
The sudo(8) utility
Hi,
Felix Maschek wrote on Wed, Feb 28, 2018 at 08:24:19PM +0100:
> How would you prevent that something like 'doas vi /etc/fstab' (which
> will run as root) doesn't offer the user to enter a root shell within vi
> (by typing '.sh')?
The sudo(8) utility has become able, over the decades, to do
Hi,
possibly there is only some missing enlightenment for me.
How would you prevent that something like 'doas vi /etc/fstab' (which
will run as root) doesn't offer the user to enter a root shell within vi
(by typing '.sh')?
You may direct me to appropriate man pages.
Thank you!
Kind regard
Perhaps I am just dense, but what problem does sudoedit solve that is not
easily solved with groups and chmod?
Michael
On Wed, Feb 28, 2018 at 12:57 PM Felix Maschek wrote:
> Hi,
>
> to prevent privilege escalation by allowing 'sudo vi' (simple by
> invoking a shell from within vi) there is a s
Hi,
to prevent privilege escalation by allowing 'sudo vi' (simple by
invoking a shell from within vi) there is a special command 'sudoedit'.
So far I can see this is missing currently if I use doas instead of
sudo.
So adding a similar command is more helpful to secure a system than
special