I just realised that when the user executes "sudo /usr/bin/vi /opt/DBconserver/etc/conserver.cf"
he is able to write to some other files owned by root, such as these:
sudo /usr/bin/vi /opt/DBconserver/etc/conserver_au_unix_es.cf
"/opt/DBconserver/etc/conserver" [Read only] 537 lines, 17285 characters
[Hit return to continue]
# RCS (Revision Control System)
# $Id: conserver_au_unix_es.cf,v
:! id
uid=0(root) gid=1(other) <------ I now have root privileges
Have any of you encountered this before? Is there any fix to it?
Yes, I've encountered it before, and it's not a bug. sudo is there in order to have regular users run some programs as if they were root. The problem is that some of these programs can start arbitrary other programs.
Solution: use sudoedit/sudo -e instead. Change the line allowing /usr/bin/vi to sudoedit, and invoke the editor using
sudo -e /opt/DBconserver/etc/conserver
The editor started will be the one defined in the EDITOR environment variable, and it will operate on a temporary file using the regular user id.
What version of sudo are you running? (sudo -V) Because according to the web site this functionality has been available at least since early 2004 (which should be around version 1.6.7).
Other than upgrading your version of sudo (which I suggest, as there are probably some other feature enhancements/security fixes included) I can only suggest writing a script-wrapper around vim, which is called by sudo and which emulates the -e option.
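As an added example (not code from either answer above), here is a small POSIX sh audit that reads sudoers-style rules and flags the pattern the thread describes: a rule that runs an interactive editor or pager as root without the NOEXEC tag, which is what lets `:!` inside vi spawn a root shell. The sample rules, the list of escape-capable commands and the function names are constructed for illustration; the parser handles plain one-line rules only, not aliases or #include directives.

```shell
#!/bin/sh
# Constructed sample sudoers rules (not from any real host).
SAMPLE_SUDOERS='# local rules
Defaults env_reset
user1 ALL=(root) /usr/bin/vi /opt/DBconserver/etc/conserver.cf
user2 ALL=(root) sudoedit /opt/DBconserver/etc/conserver.cf
user3 ALL=(root) NOEXEC: /usr/bin/vim /etc/motd
user4 ALL=(root) /usr/bin/less /var/log/messages
ops ALL=(root) /usr/sbin/service conserver restart'

# Commands that can run other programs from inside (":!" in vi/vim, "!" in
# less/more/man). Illustrative, not exhaustive.
ESCAPE_CMDS='vi vim view ex less more man'

# flag_rule LINE
# Prints a finding and returns 0 when the rule grants one of ESCAPE_CMDS
# without the NOEXEC tag; returns 1 for comments, Defaults, NOEXEC rules
# and everything else.
flag_rule() {
    line=$1
    case $line in
        ''|'#'*|Defaults*|*NOEXEC:*) return 1 ;;
    esac
    # Rule shape: user host=(runas) [TAG:]... command [args]
    spec=${line#*=}        # drop "user host="
    spec=${spec#*\)}       # drop "(runas)" if present
    cmd=
    for word in $spec; do
        case $word in *:) continue ;; esac   # skip tags such as NOPASSWD:
        cmd=${word##*/}                      # basename of the command
        break
    done
    [ -n "$cmd" ] || return 1
    for esc in $ESCAPE_CMDS; do
        if [ "$cmd" = "$esc" ]; then
            echo "FLAG: $line"
            echo "  -> $cmd can spawn a root shell; use 'sudoedit FILE' (or at least add NOEXEC:)"
            return 0
        fi
    done
    return 1
}

# audit_sudoers TEXT
# Runs flag_rule over every line of TEXT, sends findings to stderr and
# prints the number of flagged rules on stdout.
audit_sudoers() {
    n=0
    while IFS= read -r l; do
        if flag_rule "$l" >&2; then n=$((n + 1)); fi
    done <<EOF
$1
EOF
    echo "$n"
}

# Stand-alone run: two of the constructed rules (vi and less) get flagged.
count=$(audit_sudoers "$SAMPLE_SUDOERS")
echo "flagged rules: $count"
```

The rule for `user2` is the shape the first answer recommends: `sudoedit` copies the target to a temporary file, runs the user's `EDITOR` under the user's own uid, and only the final copy back happens as root, so an editor escape yields no privilege. The `NOEXEC:` tag is a weaker fallback: sudo implements it by intercepting `exec` calls in dynamically linked programs, so a statically linked editor is not covered, which is why the audit still prefers sudoedit in its message.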