- Version 4.0.0 and later: pbvi setting available.
The pbvi editor is similar to the standard vi editor. It has been modified so that it can be used securely with the Privilege Management for Unix and Linux programs. Security is enhanced with the following features:
- pbvi must be started with a full path name specified.
- The user cannot access any files other than the one that is specified at startup time.
- The user is not allowed to spawn any processes.
This program, when used with Privilege Management for Unix and Linux, allows users to access a specific file as root, but not access other root functions or files.
The edited file is written back to the same path. If this path changed by an external process, then the file is written to the new location to which the path refers. Whenever pbvi is run from Privilege Management for Unix and Linux, the arguments should be checked to ensure that the user cannot change the path and no security hole is introduced.
|fullpathname||File to edit.|
For more information, please see pbrun.