On Thu, 12 Jun 2003, Shawn wrote:
> In a nutshell, I want to lock down some files owned by root so that a
> small amount of people can modify them.  Permissions cannot change on
> the file, nor can uid/gid of ownership.
>
> The people who need to modify the files have sudo priviledges.  There
> are two groups defined within sudo, and only one group should have
> permissions to change the files.
>
> I was thinking something along the lines of a stickybit, but not sure
> if that is the right way.  Thus the thought on using sudo....

If you could find a simple editor that doesn't support opening a file
within itself or saving a file as a different name (I think vim has a way
to lock itself down like this; not sure), you can specify the paths that
people are allowed to edit in the sudoers file. For example:

user	ALL = NOPASSWD: vim /var/tmp/file

-- 
Nate Carlson <natecars at real-time.com>   | Phone : (952)943-8700
http://www.real-time.com                | Fax   : (952)943-8500



_______________________________________________
TCLUG Mailing List - Minneapolis/St. Paul, Minnesota
http://www.mn-linux.org tclug-list at mn-linux.org
https://mailman.real-time.com/mailman/listinfo/tclug-list