pbnvi

Version 4.0.0 and later: pbnvi setting available.

The pbnvi editor is similar to the standard vi editor. It has been modified so that it can be used securely with the Endpoint Privilege Management for Unix and Linux programs. The user cannot access any files other than the ones that are specified at startup time. The user is also not allowed to spawn any processes.

This program, when used in conjunction with Endpoint Privilege Management for Unix and Linux, can allow users to access a specific file as root, but not access other root functions or files.

The edited file is written back to the same path. If this path has been changed by an external process, then the file is written to the new location to which the path now refers. Whenever pbnvi is run from Endpoint Privilege Management for Unix and Linux, the arguments should be checked to ensure that the user could not change the path and introduce a security hole.

Syntax

pbnvi fullpathname

Arguments

fullpathname

File to edit.

Files

None

Display the contents of the fullpathname file for editing:

pbnvi fullpathname

For more information, see pbrun.