This is an update on the above summary Sean Quaint pointed out that you can create default ACLS on directories. These are inhereted by the files in the directory. # setfacl -m d:u::7,d:g::5,d:o:0,d:u:some_user:7,d:m:7 dir_name So simply changing the ACL's on all the directories and their contents one time fixed my problem. I don't require to compile VIM or replace default "vi". Thanks to all for the quick response. Madhu B. The bottom line is sudo cannot control the child > > > process from "vi". Some pointed to use ACL to > > change > > > the permission on files. This cannot be used on > > > dynamically created files, which needs to be > > edited. > > > > > > some pointed out in security threat in editing the > > > /etc/passwd /.profile files as command line > > arguments > > > on /usr/bin/vi. But fortunately these will be > > reported > > > in SUDO log file and which will be monitored > > > continuously. > > > > > > Few suggested to use "pico" instead of "vi" , > > > unfortunately users are not ready to learn the new > > > editor. > > > > > > I have end up with two options: > > > > > > 1) create a cron job to use setfacl on newly > > created > > > files > > > 2) recompile VIM to remove the shell mode or file > > edit > > > mode. __________________________________________________ Do You Yahoo!? Get email alerts & NEW webcam video instant messaging with Yahoo! Messenger http://im.yahoo.comReceived on Thu Aug 30 22:43:06 2001
This archive was generated by hypermail 2.1.8 : Wed Mar 23 2016 - 16:25:03 EDT