From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from pigeon.gentoo.org ([69.77.167.62] helo=lists.gentoo.org) by finch.gentoo.org with esmtp (Exim 4.60) (envelope-from ) id 1LXP11-0001Hv-U3 for garchives@archives.gentoo.org; Thu, 12 Feb 2009 00:01:16 +0000 Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id BF3CBE02B8; Thu, 12 Feb 2009 00:01:13 +0000 (UTC) Received: from mail.digimed.co.uk (82-69-83-178.dsl.in-addr.zen.co.uk [82.69.83.178]) by pigeon.gentoo.org (Postfix) with ESMTP id 831FAE02B8 for ; Thu, 12 Feb 2009 00:01:13 +0000 (UTC) Received: from zaphod.digimed.co.uk (zaphod.digimed.co.uk [192.168.1.1]) (using TLSv1 with cipher DHE-RSA-AES128-SHA (128/128 bits)) (No client certificate requested) by mail.digimed.co.uk (Postfix) with ESMTPSA id 8C50E4578DB for ; Thu, 12 Feb 2009 00:01:12 +0000 (GMT) Date: Thu, 12 Feb 2009 00:01:04 +0000 From: Neil Bothwick To: gentoo-user@lists.gentoo.org Subject: Re: [gentoo-user] Permissions of /etc/sudoers Message-ID: <20090212000104.4f78645e@zaphod.digimed.co.uk> In-Reply-To: <499364B6.1050709@gmail.com> References: <498FD0A1.2080205@spotonlinux.org> <499364B6.1050709@gmail.com> Organization: Digital Media Production X-Mailer: Claws Mail 3.7.0cvs57 (GTK+ 2.14.7; x86_64-pc-linux-gnu) X-GPG-Fingerprint: 7260 0F33 97EC 2F1E 7667 FE37 BA6E 1A97 4375 1903 Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-user@lists.gentoo.org Reply-to: gentoo-user@lists.gentoo.org Mime-Version: 1.0 Content-Type: multipart/signed; boundary="Sig_/mvs.U.yqUMlkJgaxhzKGThc"; protocol="application/pgp-signature"; micalg=PGP-SHA1 X-Archives-Salt: 264a35a6-d03c-4cf8-a8e6-63065f996331 X-Archives-Hash: ad2c1d856344d50ec35cb69e8bd91b26 --Sig_/mvs.U.yqUMlkJgaxhzKGThc Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: quoted-printable On Thu, 12 Feb 2009 00:52:22 +0100, b.n. wrote: > > The file /etc/sudoers should always be edited with visudo. visudo uses > > file locking, provides basic sanity checks and checks for parse > > errors. =20 >=20 > This always made me crazy. >=20 > Why, why, why should I use a specialized editor to edit a system file? > It's not like we have vixorgconf, vifstab. You are welcome to edit these > files with any editor you like. Why is /etc/sudoers special? It's no more special than /etc/passwd, which should be edited with vipw. And it's not a specialised editor, these are just wrappers that call $EDITOR, so you end up using the same program to edit the files, but with a safety net. Remember that some systems restrict root access, so a fscked /etc/sudoers could lock you out. It's not like you HAVE to use the wrapper either, there's nothing to stop you using any editor you like, directly, and it's the best choice if you want to be free to screw up the file.=20 --=20 Neil Bothwick Procedure: (n.) a method of performing a program sub-task in an inefficient way by extensively using the stack instead of a GOTO. --Sig_/mvs.U.yqUMlkJgaxhzKGThc Content-Type: application/pgp-signature; name=signature.asc Content-Disposition: attachment; filename=signature.asc -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.9 (GNU/Linux) iEYEARECAAYFAkmTZscACgkQum4al0N1GQP9XQCeKOHvVVjryLbmMoe9jPD1+JF/ X4gAoLXfhuepbqEbMMJ+/all+IG466Wn =oV1d -----END PGP SIGNATURE----- --Sig_/mvs.U.yqUMlkJgaxhzKGThc--