«
»

“sudo gedit” must die!

Why is it that so many Ubuntu guides tell you to do sudo gedit /path/to/somefile when there is a sudoedit command? An editor, like Gedit, doesn’t need to run as root, ever.

This is so much better and safer:

SUDO_EDITOR=gedit sudo -e /path/to/somefile

This will …

  1. Copy the file to /tmp/
  2. Invoke gedit as your user
  3. Update the original file if you changed the temporary file

It would of course be really useful if gksudo had this built in already, and could be used in a nice way by nautilus-gksu.

Tags: , , , ,

This entry was posted on Friday, July 23rd, 2010 at 09:00 and is filed under Crappy world. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

2 Responses to ““sudo gedit” must die!”

  1. louiz' says:
    2010-09-02 at 18:46

    “This will …

    1. Copy the file to /tmp/”

    How is this safer? /tmp/ is readable by anyone on the system, even non-administrator users. So, if the file contains a password or something sensitive, anyone can read it…

  2. zash says:
    2010-09-02 at 19:32

    The main thing is that you aren’t running the editor as root.

    /tmp should have the sticky bit set (chmod +t) meaning files created there can’t be deleted or renamed by anyone other than the owner. So if you create a file there with restrictive permissions (like chmod 600) then it would be perfectly safe.

Leave a Reply