It doesn’t edit the file directly, it creates a temp file that replaces the file when saving. It means that the editor is run as the user, not as root.
So it opens the file in your editor, since you have read access to it. Then saves your changes to a temp file. Then when you close the editor it does a sudo mv tmpfile readfile?
I checked this by checking the file ownership when running touch myself. The file is owned by root. sudo nano myself also creates a file owned by root. sudoedit myself bitches at me not to run it in a writable directory.
sudoedit: myself: editing files in a writable directory is not permitted
So I ran it in a non-writable directory and the resulting file is still owned by root.
So is the advantage of sudoedit preventing a possible escalation of privileges situation?
It doesn’t edit the file directly, it creates a temp file that replaces the file when saving. It means that the editor is run as the user, not as root.
So it opens the file in your editor, since you have read access to it. Then saves your changes to a temp file. Then when you close the editor it does a sudo mv tmpfile readfile?
I checked this by checking the file ownership when running
touch myself. The file is owned by root.sudo nano myselfalso creates a file owned by root.sudoedit myselfbitches at me not to run it in a writable directory.So I ran it in a non-writable directory and the resulting file is still owned by root.
So is the advantage of
sudoeditpreventing a possible escalation of privileges situation?Yes, and it also lets me use my neovim config.