Being new to Arch and finally getting a working system minus the ability
to always be able to cleanly reboot and shutdown every time. I started
reading about securing my install and ran across the Security wiki on
archlinux.org and it states that you can not use the EDITOR envvar.
But in reality you can use this and it allows you the ability to run
nano like it says visudo does not allow you to do. Is it just a bug in
the current release of visudo, am I not understanding the information in
the Wiki properly or? Wouldn't this open up a way larger issue?
Quote: "By default, visudo doesn’t follow EDITOR envvar. Also it’s
regarded as severe security risk since everything can be used as EDITOR
(hello, rootkits!). The best practice is to add the following line to
//etc/sudoers/ (remember to put full path to your favourite editor): "
I have not added anything to my file other than allowing the wheel group
sudo rights. Not trying to start any conspiracy here or anything just
curious, could it be a fubared install on my end? I can do it from the
root user and by issuing sudo EDITOR=nano visudo.
Thank you
My Source:
https://wiki.archlinux.org/index.php/Security
