undefined | Better HN

0 pointsjosepmdc4y ago0 comments

`sudo vim` will not load your user's vimrc, sudoedit will

0 comments

Which is arguable an attack vector. Depending on how careless the user is, there is far more likely a chance that malicious code is found in .vimrc than is found in the VIM executable.

fragmede4y ago

sudoedit runs your editor as you, not root, so unless I'm misunderstanding you, no such attack surface exists.

masklinn4y ago

They’re probably referring to the attack surfaces of the extensions you have loaded in your normal configuration, as opposed to the probably empty environment of root.

masklinn4y ago

It will also run your entire editor as root, which may not be something you want.

dotancohen4y ago

I actually would prefer the editor binary to run as root, rather than have my VIM config available. Any malware that could replace my system VIM would already have access to do whatever it wants to anyway. But malware to alter my own VIM configuration has a much lower barrier to entry.

j / k navigate · click thread line to collapse

0 comments

dotancohen4y ago

Which is arguable an attack vector. Depending on how careless the user is, there is far more likely a chance that malicious code is found in .vimrc than is found in the VIM executable.

fragmede4y ago

sudoedit runs your editor as you, not root, so unless I'm misunderstanding you, no such attack surface exists.

masklinn4y ago

They’re probably referring to the attack surfaces of the extensions you have loaded in your normal configuration, as opposed to the probably empty environment of root.

masklinn4y ago

It will also run your entire editor as root, which may not be something you want.

dotancohen4y ago

j / k navigate · click thread line to collapse