Bug 66043 – sudo removes environment variables

Bug 66043 - sudo removes environment variables

Summary:	sudo removes environment variables

Status:	CLOSED CURRENTRELEASE

Aliases:	None

Product:	Red Hat Linux
Classification:	Retired
Component:	sudo (Show other bugs)
Sub Component:
Version:	7.3
Hardware:	i686 Linux

Priority	medium Severity medium
Target Milestone:	---
Target Release:	---
Assigned To:	Thomas Woerner
QA Contact:	Ben Levenson
Docs Contact:

URL:
Whiteboard:
Keywords:

Depends On:
Blocks:
	Show dependency tree / graph

Reported:	2002-06-04 17:48 EDT by Bertil Askelid
Modified:	2007-10-01 15:20 EDT (History)
CC List:	2 users (show)

See Also:
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Story Points:	---
Clone Of:
Environment:
Last Closed:	2004-11-22 05:26:38 EST
Type:	---
Regression:	---
Mount Type:	---
Documentation:	---
CRM:
Verified Versions:
Category:	---
oVirt Team:	---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team:	---

Attachments	(Terms of Use)
Script file for `x' (165 bytes, text/plain) 2002-06-04 17:50 EDT, Bertil Askelid	no flags	Details
Script file for `y' (195 bytes, text/plain) 2002-06-04 17:52 EDT, Bertil Askelid	no flags	Details
Add an attachment (proposed patch, testcase, etc.)

Groups: None (edit)

Description Bertil Askelid 2002-06-04 17:48:27 EDT

Description of Problem:

	sudo removes certain environment variables from a process.
	The following little scripts exemplifies exactly what is
	happening: see attached `x' and `y'.

	Run `x' and you see:

		~> ./x
		Password:
		X = x
		Y = y
		Z = z
		LOCAL is undefined
		TMP is undefined
		RE is undefined
		TM is undefined
		~> 

Version-Release number of selected component (if applicable):

	sudo-1.6.5p2-2

How Reproducible:

	Always

Steps to Reproduce:
1. run `./x' on command line
2. 
3. 

Actual Results:


Expected Results:


Additional Information:

Comment 1 Bertil Askelid 2002-06-04 17:50:24 EDT

Created attachment 59705 [details]
Script file for `x'

Comment 2 Bertil Askelid 2002-06-04 17:52:14 EDT

Created attachment 59706 [details]
Script file for `y'

Comment 3 Bernhard Rosenkraenzer 2002-06-10 11:53:07 EDT

This is intentional. 
Current versions of sudo clear the environment except for a couple of known 
safe variables to prevent security leaks (e.g. buffer overruns by passing 
invalid arguments to an application or stuff like export 
LD_PRELOAD=givemearootshell.so; sudo something_you_may_do).

Comment 4 Trevin Beattie 2007-10-01 13:51:42 EDT

Please add this behavior to the sudo man page, and provide a mechanism for
passing specific environment variables to the process.

Comment 5 Trevin Beattie 2007-10-01 15:20:02 EDT

Disregard the second part of that request; I found it in the sudoers file.  Just
please document what you did in the man page.

Note You need to log in before you can comment on or make changes to this bug.