Re: [OFF] Sudo
Hi,
Raj Kiran Grandhi <grajkiran@gmail.com> writes:
> Márcio Luciano Donada wrote:
>> I wonder if it is possible using the sudo leave with only the user can
>> edit the files that are in /etc/squid.
>
> A better option would be to chmod g+w the files in /etc/squid and then
> add the relevant users to that group.
>
> If you really want to do it using sudo, I think you should specify the
> complete command like '/usr/bin/vim /etc/squid/file' in the sudoers
> file. See the Cmnd_Alias section of sudoers(5) for more details.
This is a bad idea since most text editors allow the execution of
arbitrary commands. You should give
sudoedit /etc/squid/file
as the command. This allows users to edit the file with
sudo -e /etc/squid/file
with their favorite editor. A temporary copy is created for editing,
the text editor started as the user, and the edited file is copied
back.
Regards,
Ansgar
--
PGP: 1024D/595FAD19 739E 2D09 0969 BEA9 9797 B055 DDB0 2FF7 595F AD19
Reply to:
- References:
- [OFF] Sudo
- From: Márcio Luciano Donada <mdonada@auroraalimentos.com.br>
- Re: [OFF] Sudo
- From: Raj Kiran Grandhi <grajkiran@gmail.com>