Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 224
  • Last Modified:

Linux text editors and permissions

Linux Fedora C2
I have a LAN of some 20 semi-trusted users with very little knowledge, this could be improved if I could give them access to a text editor like "gedit", the trouble is "gedit" has one option too many: the ability to run a command.
These users have RO permission on the files accessible to them but scripts they have permission to use change that permission to RW for selected files.
My question:
with the use of "gedit", is the risk limited to the files mentioned above or is there bigger risks to contemplate?  If so, what are those risks?
Thank you for your help.
0
rblampain
Asked:
rblampain
  • 2
  • 2
2 Solutions
 
arombergCommented:
If the users can run a command, then they can theoretically run bash, or any other shell program and escape out.  OpenOffice has a text editor also, and it may be easier for them to learn.
0
 
wesly_chenCommented:
Hi,

   In addition to OpenOffice (big giant package), you might want to try abiword, which is in Fedora Core 2 CD or
you can do
rpm -ivh http://download.fedora.redhat.com/pub/fedora/linux/core/2/i386/os/Fedora/RPMS/abiword-2.0.5-1.i386.rpm

   If the gedit is not run as root or have SUID bit enable, to run the shell command should be ok since the regular users
have only limited permission/privilege.

   All you need to do is make sure the directory and file permission so they have no permission to overwrite/delete
the files which they suppose not allowed to.

   vi can start another shell or execute a shell command, too.

Regards,

Wesly
0
 
rblampainAuthor Commented:
Thank you both. Nobody knows how to fix this, we might have to hire a pro to hack the code when funds permit (we're a NFP).
I'll have a look at "abiword" but I've found a few others suggested to me are further from our specs than "gedit".
0
 
arombergCommented:
if the user doesn't have to have a graphical interface, nano looks to be something where they cannot escape out of it.
0
 
rblampainAuthor Commented:
Thanks to aromberg but the GUI is vital.
0

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now