The risk of vim -Z (rvim)
Last time I asked about the way to prevent risks caused by these configurations:
user_name ALL=(ALL) /usr/bin/vim /etc/httpd/confs/httpd.confor
%group_name ALL=(ALL) /usr/bin/vim /etc/httpd/confs/httpd.confIf I write these scripts in /etc/sudoers, serious damage to the server can happen. Although the question was closed as primarily opinion-based, I received one opinion which recommended I use vim -Z.
I googled vim -Z and found some facts. It is similar to (the same as?) rvim. However, vim -Z still allows us to use some commands. In order to prevent normal users from executing commands, we have to add several scripts in .vimrc.
To be honest, I do not understand fully what commands we cannot use in restricted mode. I found this website, but this only mentions vim although its title is rvim...
Could you tell me what settings are necessay to enable normal users to use sudo vim -Z (or sudo rvim) securely.
41 Answer
Why are you obsessed with vim -V? It's so criptic and difficult to handle its configuration. I don't see any advantage of sudo vim -V because it usually allows users to do more than you expect. It's much better to use sudoedit.
