pbvi

Version 4.0.0 and later: pbvi setting available.

Description

The pbvi editor is similar to the standard vi editor. It has been modified so that it can be used securely with the Endpoint Privilege Management for Unix and Linux programs. Security is enhanced with the following features:

pbvi must be started with a full path name specified.
The user cannot access any files other than the one that is specified at startup time.
The user is not allowed to spawn any processes.

This program, when used with Endpoint Privilege Management for Unix and Linux, allows users to access a specific file as root, but not access other root functions or files.

The edited file is written back to the same path. If this path changed by an external process, then the file is written to the new location to which the path refers. Whenever pbvi is run from Endpoint Privilege Management for Unix and Linux, the arguments should be checked to ensure that the user cannot change the path and no security hole is introduced.

Syntax

pbvi fullpathname

Arguments

fullpathname

File to edit.

Files

None

To display the contents of the file called fullpathname for editing, enter the following:

pbvi fullpathname

For more information, see pbrun.