[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Nano-devel] preventing a root-owned .nano dir
|
From: |
Benno Schulenberg |
|
Subject: |
[Nano-devel] preventing a root-owned .nano dir |
|
Date: |
Wed, 08 Jul 2015 20:40:57 +0200 |
When nano is first run under sudo, and .nanorc contains
'set historylog' or 'set poslog', nano will create a .nano
directory in the user's home directory that is root-owned.
It has happened to me once; it is annoying.
Proposed patch (attached) fixes this: when nano detects it
is being run as root, it will ignore $HOME and get the home
directory from the /etc/passwd file (which will normally
contain /root as the home dir for root).
(What I don't get, though, is that my sudoers file contains
'env_reset', which should cause HOME to become unset, but
still nano sees that HOME is set to /home/ben when running
'sudo nano'. How?)
Anyway, the patch prevents the root user from steering
through the HOME environment variable where nano will look
for its .nanorc file and .nano/ history files. Would that
be an acceptable small sacrifice? Chris? Others?
Benno
--
http://www.fastmail.com - Choose from over 50 domains or use your own
prevent-root-owned-.nano-dir.patch
Description: Text Data
- [Nano-devel] preventing a root-owned .nano dir,
Benno Schulenberg <=