-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Content-Type: text/plain; charset=us-ascii
In message <20011129165355.A15543@ch208h>, Mike Renfro writes: >> A lazy sysadmin, not thinking through the ramifications, might put >> things like "/usr/bin/vi /etc/aliases" in the sudoers file, thinking >> that it limits access. But of course, vi has the ":e" command... > >Searched groups.google.com for "secure vi shell escape", and found: > >http://groups.google.com/groups?hl=en&selm=65utkq%2480p%40winx03.informatik.un >i-wuerzburg.de > >and it looks like nvi still supports the secure options mentioned >there. Vim also supports something similar, either by prepending r to the executable name (rvim) or adding the -Z flag. - -- Ted Cabeen http://www.pobox.com/~secabeen [EMAIL PROTECTED] Check Website or Keyserver for PGP/GPG Key BA0349D2 [EMAIL PROTECTED] "I have taken all knowledge to be my province." -F. Bacon [EMAIL PROTECTED] "Human kind cannot bear very much reality."-T.S.Eliot [EMAIL PROTECTED] -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (OpenBSD) Comment: Exmh version 2.5 07/13/2001 iD8DBQE8BsC0oayJfLoDSdIRAp0FAJ4nReHeeCvDbTQM/KOGLmdSNi/AgQCgykls /CfA9U8dx28dUi0CX4Aqyuo= =FYJ6 -----END PGP SIGNATURE----- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
