Unix administration - Re: Beginner Question: Allowing sudo to vi hosts file

This is Interesting: Free IT Magazines  
Home > Archive > Unix administration > July 2006 > Re: Beginner Question: Allowing sudo to vi hosts file





You are viewing an archived Text-only version of the thread. To view this thread in it's original format and/or if you want to reply to this thread please [click here]

Author Re: Beginner Question: Allowing sudo to vi hosts file
Michael Paoli

2006-07-23, 1:21 pm

underh20.scubadiving@gmail.com wrote:
> We've been asked to allow a user to update (add/modify/delete)
> lines in the /etc/inet/hosts file. That file is currently has
> permission 644. Could we use
> sudo to only allow that user to "vi" and modify that file ? If yes,
> how do we set
> that up in the /etc/sudoers file ?

vi is far too unrestricted (and also generally big and complex) to be
securely used by root to only and exactly edit one specific file
pathname and not be allowed to do anything else.

What's wrong with:
$ vi hosts
$ sudo /bin/cp hosts /etc/inet/hosts

"Everything should be made as simple as possible, but no simpler."
- Albert Einstein

Sponsored Links






Free braindumps | Software forum | Database administration forum

Copyright 2003 - 2008 webservertalk.com