Yes, that was why I picked pico specifically, because it doesn't allow for arbitrary shell commands. I made the mistake of initially giving them access to VI ;-D Great idea tho, I'll look into a script like that.

On Wed, 2002-02-13 at 20:04, Anthony DeRobertis wrote:
>
> On Wednesday, February 13, 2002, at 01:43 PM, Jason Ramey wrote:
>
> > correct, an example is as follows:
> >
> > puck ALL= NOPASSWD: /usr/bin/pico -w /etc/bind/[A-z]*
> >
> > I'm letting puck edit anything in /etc/bind/ using sudo, no password
> > required. this should fit your needs.
>
>
> Remember that most editors let you do interesting things. Like
> open arbitrary files. Or execute shell commands. I'm not sure
> about pico, but imagine the fun you can have by opening
> /etc/shadow or /etc/passwd. Wow, puck now has uid 0 ;-)
>
> Also, at least vi will let you run commands of your choice. Pico
> might even.
>
> I'd _strongly_ suggest doing something like this, assuming you
> need to use sudo (for logging, for example). Write a C/perl
> program that:
>
> 1) Copies the file (securely) to something in /tmp
> 2) forks
>    child:
>       1) Drop all privileges
>       2) Spawn user's $VISUAL or $EDITOR.
> 3) Wait for child process to die
> 4) If successful, install change.
>
> This way, the editor (which you shouldn't trust) never runs with
> privileges.

--
Jason Ramey
DSL Coordinator
KA.net
You'll Grow On It
502.992.0324
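
The four-step procedure from the quoted message, written out as an added C example (not code from the thread or from sudo), which also re-checks the edited copy before installing it. The name `edit_unprivileged` is hypothetical; the assumption is that a wrapper run through sudo would pass `$VISUAL` or `$EDITOR` and the uid/gid taken from `SUDO_UID`/`SUDO_GID`.

```c
#define _DEFAULT_SOURCE 1   /* for setgroups() and O_NOFOLLOW under strict -std */
#include <fcntl.h>
#include <grp.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <sys/wait.h>
#include <unistd.h>

/* Copy everything from descriptor `in` to `out`; returns 0 on success. */
static int copy_fd(int in, int out) {
    char buf[4096];
    ssize_t n;
    while ((n = read(in, buf, sizeof buf)) > 0)
        if (write(out, buf, (size_t)n) != n) return -1;
    return n < 0 ? -1 : 0;
}

/* Hypothetical helper: let uid/gid edit `target`; returns 0 only if installed. */
int edit_unprivileged(const char *target, const char *editor, uid_t uid, gid_t gid) {
    char tmp[] = "/tmp/edit.XXXXXX", newp[4096];
    struct stat orig, st;
    int status, rc = -1, in = -1, out = -1;
    pid_t pid;
    int src = open(target, O_RDONLY | O_NOFOLLOW), tfd = mkstemp(tmp); /* step 1 */
    if (src < 0 || tfd < 0 || fstat(src, &orig) || copy_fd(src, tfd) ||
        fchown(tfd, uid, gid) || (pid = fork()) < 0) goto done;   /* step 2 */
    if (pid == 0) {     /* child: drop groups, then gid, then uid, in that order */
        close(src); close(tfd);             /* no privileged descriptors leak */
        if (geteuid() == 0 && (setgroups(1, &gid) || setgid(gid) || setuid(uid)))
            _exit(126);                     /* never exec if the drop failed */
        execl("/bin/sh", "sh", "-c", "$0 \"$1\"", editor, tmp, (char *)NULL);
        _exit(127);
    }
    if (waitpid(pid, &status, 0) < 0 || !WIFEXITED(status) || WEXITSTATUS(status))
        goto done;                          /* step 3: editor failed, install nothing */
    /* step 4: copy is untrusted now; no symlinks, regular file, still user-owned */
    in = open(tmp, O_RDONLY | O_NOFOLLOW);
    if (in < 0 || fstat(in, &st) || !S_ISREG(st.st_mode) || st.st_uid != uid) goto done;
    snprintf(newp, sizeof newp, "%s.new", target);
    out = open(newp, O_WRONLY | O_CREAT | O_EXCL | O_NOFOLLOW, orig.st_mode & 07777);
    if (out < 0) goto done;
    if (!copy_fd(in, out) && !fsync(out) && !rename(newp, target)) rc = 0;
    else unlink(newp);
done:
    if (tfd >= 0) { close(tfd); unlink(tmp); }
    close(src); close(in); close(out);      /* close(-1) is a harmless no-op */
    return rc;
}
```

Current sudo releases provide this same pattern as `sudoedit` (`sudo -e`), which can be granted in sudoers instead of an editor binary.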