On Sun, 2006-11-12 at 05:54 -0500, Mike Frysinger wrote: > in the example usages you cited, people where using `sudo` to just > avoid running `su -` first ... in other words, their sudo was > unlimited ... updating the sudoers file to allow EDITOR via env_keep > would work fine for them > > in that scenario, running any app via EDITOR is not a concern as they > already have the ability to run any command
That is right. And I've already raised concerns about this approach in my mail: http://thread.gmane.org/gmane.linux.gentoo.devel/44218/focus=44238 And that is not an answer on question I've asked in this sub-thread: Do you know any way *how* to specify "safe" editors list inside sudoers? I've spent some time and did not found how can I force sudo to edit files with only known editors inside EDITOR. env_keep just keep env variable and does not allow to specify "safe" editors list. I suppose that this is impossible. Or... what do you mean by that: "the sudo file has the ability to specify editor's, so why not tell people to change their sudo config file ?" English is not my native language thus may be I just misunderstood your idea here. Sorry. Peter.
signature.asc
Description: This is a digitally signed message part
