On Fri, Jun 14, 2013 at 11:25:39AM -0400, Doug wrote:
> While you are "supposed" to use visudo to edit sudoers, that
> requires that you know how to use the vi editor. Visudo is designed
> to catch mistakes that you make. However, you can edit sudoers with
> any editor; it is only a text file and doesn't know any better. You
> must have root privileges to edit sudoers, however.
Technically, visudo doesn't require vi. From the man page:
There is a hard-coded list of one or more editors that visudo will use
set at compile-time that may be overridden via the editor sudoers
Default variable. This list defaults to /usr/local/bin/vi. Normally,
visudo does not honor the VISUAL or EDITOR environment variables unless
they contain an editor in the aforementioned editors list. However, if
visudo is configured with the --with-env-editor option or the
env_editor Default variable is set in sudoers, visudo will use any the
editor defines by VISUAL or EDITOR. Note that this can be a security
hole since it allows the user to execute any program they wish simply
by setting VISUAL or EDITOR.
But of course that requires configuration. And I stick to my repeated
position that avoiding editing sudoers is the best choice.
--
Matthew Miller ☁☁☁ Fedora Cloud Architect ☁☁☁ <mat...@fedoraproject.org>
--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Have a question? Ask away: http://ask.fedoraproject.org
