Red Hat Bugzilla – Bug 18878
Sudo doesn't clean LANG / LC_xxx environment -> possible to exploit locales.
Last modified: 2008-05-01 11:37:59 EDT
Sudo doesn't clean LANG / LC_xxx environment. So users can use
something like LANG=../../../tmp and if they can run a program with
higher privileges --> possible to exploit. To fix this sudo should clean
LANG / LC_xxx if they contain '/' (like the new userhelper does).
PS. Users can exploit this only if they can run the programs with sudo and
the program has i18n support.
*** Bug 18825 has been marked as a duplicate of this bug. ***
Done in 1.6.3p5-2
Hm, am I wrong or would this justify a security errata update instead of just
Changing severity to "security".