[juneau-lug] Re: visudo

James, thanks for the better answer, but could you explain that a little 
more?  How is a file (this file) being editted inscure?  It creates an 
insecure temprary copy in a public directory?  Or can a non-priviledged 
user gain access to another users memory?  Where does the risk come from?

Thanks,
-Jamie

James Zuelow wrote:

>On Sat, 31 Jan 2004 19:30:47 -0900
>"Charles R. Hakari" <chakari@xxxxxxxxxxxxx> wrote:
>
>  
>
>>I guess so. By reading the documentation, it made it sound like this 
>>file should only be edited with visudo. I guess visudo does some special 
>>things like locks and integrity checking, but I guess in a single user 
>>environment, doing what you did is o.k. I'll give it a try. Thanks!
>>
>>Chuck
>>
>>    
>>
>
>Chuck, you're right - all visudo does (and vipw, or vigroup) is lock that file 
>down when it is being edited.  Otherwise it is straight vi.  There are no 
>special vi modules loaded to check or highlight syntax, etc.  Which is too 
>bad, because IMHO that would be very useful.
>
>If you have no reason to suspect that another user on your system might try to 
>take advantage of "insecure" temp files, etc. then you can use any editor to 
>change the config files.
>
>Cheers,
>
>James
>
>------------------------------------
>This is the Juneau-LUG mailing list.
>To unsubscribe, send an e-mail to juneau-lug-request@xxxxxxxxxxxxx with the 
>word unsubscribe in the subject header.
>  
>

-- 
Browns Homepage (pics updated 18Jan2004) http://jdb.homelinux.net


------------------------------------
This is the Juneau-LUG mailing list.
To unsubscribe, send an e-mail to juneau-lug-request@xxxxxxxxxxxxx with the 
word unsubscribe in the subject header.

Other related posts: