Re: More useful: something like doasedit

On 28.02.2018 15:10, Ingo Schwarze wrote: Hi, Felix Maschek wrote on Wed, Feb 28, 2018 at 08:24:19PM +0100: How would you prevent that something like 'doas vi /etc/fstab' (which will run as root) doesn't offer the user to enter a root shell within vi (by typing '.sh')? The sudo(8) utility

Re: More useful: something like doasedit

Hi, Felix Maschek wrote on Wed, Feb 28, 2018 at 08:24:19PM +0100: > How would you prevent that something like 'doas vi /etc/fstab' (which > will run as root) doesn't offer the user to enter a root shell within vi > (by typing '.sh')? The sudo(8) utility has become able, over the decades, to

Re: More useful: something like doasedit (was: Utility to safely edit doas.conf)

Hi, possibly there is only some missing enlightenment for me. How would you prevent that something like 'doas vi /etc/fstab' (which will run as root) doesn't offer the user to enter a root shell within vi (by typing '.sh')? You may direct me to appropriate man pages. Thank you! Kind

Re: More useful: something like doasedit (was: Utility to safely edit doas.conf)

Perhaps I am just dense, but what problem does sudoedit solve that is not easily solved with groups and chmod? Michael On Wed, Feb 28, 2018 at 12:57 PM Felix Maschek wrote: > Hi, > > to prevent privilege escalation by allowing 'sudo vi' (simple by > invoking a shell from

More useful: something like doasedit (was: Utility to safely edit doas.conf)

Hi, to prevent privilege escalation by allowing 'sudo vi' (simple by invoking a shell from within vi) there is a special command 'sudoedit'. So far I can see this is missing currently if I use doas instead of sudo. So adding a similar command is more helpful to secure a system than special