YSK : Do not use ‘sudo vim/nano/emacs..’ to edit a file. Instead, set your $EDITOR and use sudoedit or sudo -e.


TL;DR: title. It's to avoid exposing your system to vulnerabilities in your editor.

Hello all! Today, I want to adress one of my pet peeves : people using sudo to run their editors as root. This is bad because of two things :

  1. It leaves your system vulnerable to any exploits involving your editor. You may also be prone to user errors.
  2. But worst of all, it makes it so your editor ignores its configuration ! Your carefully crafted .vimrc, your beautiful .emacs config, all ignored !

Instead, set your $EDITOR environment variable, and use either sudoedit file or sudo -e file.

Thanks for reading.

EDIT: So, what does sudoedit actually do?

It works in the following fashion :

  1. It copies the file you're trying to edit into /tmp/file.xxx
  2. It opens /tmp/file.xxx with your editor.
  3. When you're done editing, it moves the tempfile back into the original.

submitted by /u/AlternOSx
[link] [comments]