From: Todd C. Miller Date: Fri, 21 Jun 2019 20:54:09 +0000 (-0600) Subject: sudoedit should be used for editing files instead of "sudo editor" X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=81602ad086e6fafe931831ff08a257289077d83e;p=sudo sudoedit should be used for editing files instead of "sudo editor" That way the user's editor config files are used by the editor. --- diff --git a/doc/TROUBLESHOOTING b/doc/TROUBLESHOOTING index d436dc450..817f7deeb 100644 --- a/doc/TROUBLESHOOTING +++ b/doc/TROUBLESHOOTING @@ -137,7 +137,9 @@ A) Many programs use the HOME environment variable to locate While it is possible to preserve the value of the HOME environment variable by adding it to the "env_keep" list in the sudoers file, - doing so is strongly discouraged. + doing so is strongly discouraged. Users wishing to edit files + with sudo should run sudoedit (or sudo -e) to get their accustomed + editor configuration instead of invoking the editor directly. Q) How can I keep sudo from asking for a password? A) To specify this on a per-user (and per-command) basis, use the diff --git a/doc/sudoers.man.in b/doc/sudoers.man.in index d8be52feb..31986c823 100644 --- a/doc/sudoers.man.in +++ b/doc/sudoers.man.in @@ -25,7 +25,7 @@ .nr BA @BAMAN@ .nr LC @LCMAN@ .nr PS @PSMAN@ -.TH "SUDOERS" "@mansectform@" "June 20, 2019" "Sudo @PACKAGE_VERSION@" "File Formats Manual" +.TH "SUDOERS" "@mansectform@" "June 21, 2019" "Sudo @PACKAGE_VERSION@" "File Formats Manual" .nh .if n .ad l .SH "NAME" @@ -4384,7 +4384,7 @@ option. Preserving the \fRHOME\fR environment variable has security implications since many programs use it -when searching for configuration files. +when searching for configuration or data files. Adding \fRHOME\fR to @@ -4392,6 +4392,14 @@ to may enable a user to run unrestricted commands via \fBsudo\fR and is strongly discouraged. +Users wishing to edit files with +\fBsudo\fR +should run +\fBsudoedit\fR +(or +\fBsudo\fR \fB\-e\fR) +to get their accustomed editor configuration instead of +invoking the editor directly. .SH "GROUP PROVIDER PLUGINS" The \fBsudoers\fR diff --git a/doc/sudoers.mdoc.in b/doc/sudoers.mdoc.in index add04fdb9..c0a3bba44 100644 --- a/doc/sudoers.mdoc.in +++ b/doc/sudoers.mdoc.in @@ -24,7 +24,7 @@ .nr BA @BAMAN@ .nr LC @LCMAN@ .nr PS @PSMAN@ -.Dd June 20, 2019 +.Dd June 21, 2019 .Dt SUDOERS @mansectform@ .Os Sudo @PACKAGE_VERSION@ .Sh NAME @@ -4089,7 +4089,7 @@ option. Preserving the .Ev HOME environment variable has security implications since many programs use it -when searching for configuration files. +when searching for configuration or data files. Adding .Ev HOME to @@ -4097,6 +4097,14 @@ to may enable a user to run unrestricted commands via .Nm sudo and is strongly discouraged. +Users wishing to edit files with +.Nm sudo +should run +.Nm sudoedit +(or +.Nm sudo Fl e ) +to get their accustomed editor configuration instead of +invoking the editor directly. .El .Sh GROUP PROVIDER PLUGINS The