possibly there is only some missing enlightenment for me.
How would you prevent that something like 'doas vi /etc/fstab' (which
will run as root) doesn't offer the user to enter a root shell within vi
(by typing '.sh')?
You may direct me to appropriate man pages.
Perhaps I am just dense, but what problem does sudoedit solve that is not
easily solved with groups and chmod?
On Wed, Feb 28, 2018 at 12:57 PM Felix Maschek wrote:
> to prevent privilege escalation by allowing 'sudo vi' (simple by
> invoking a shell from
to prevent privilege escalation by allowing 'sudo vi' (simple by
invoking a shell from within vi) there is a special command 'sudoedit'.
So far I can see this is missing currently if I use doas instead of
So adding a similar command is more helpful to secure a system than