Bug 66043 - sudo removes environment variables
sudo removes environment variables
Product: Red Hat Linux
Classification: Retired
Component: sudo (Show other bugs)
i686 Linux
medium Severity medium
: ---
: ---
Assigned To: Thomas Woerner
Ben Levenson
Depends On:
  Show dependency treegraph
Reported: 2002-06-04 17:48 EDT by Bertil Askelid
Modified: 2007-10-01 15:20 EDT (History)
2 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2004-11-22 05:26:38 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)
Script file for `x' (165 bytes, text/plain)
2002-06-04 17:50 EDT, Bertil Askelid
no flags Details
Script file for `y' (195 bytes, text/plain)
2002-06-04 17:52 EDT, Bertil Askelid
no flags Details

  None (edit)
Description Bertil Askelid 2002-06-04 17:48:27 EDT
Description of Problem:

	sudo removes certain environment variables from a process.
	The following little scripts exemplifies exactly what is
	happening: see attached `x' and `y'.

	Run `x' and you see:

		~> ./x
		X = x
		Y = y
		Z = z
		LOCAL is undefined
		TMP is undefined
		RE is undefined
		TM is undefined

Version-Release number of selected component (if applicable):


How Reproducible:


Steps to Reproduce:
1. run `./x' on command line

Actual Results:

Expected Results:

Additional Information:
Comment 1 Bertil Askelid 2002-06-04 17:50:24 EDT
Created attachment 59705 [details]
Script file for `x'
Comment 2 Bertil Askelid 2002-06-04 17:52:14 EDT
Created attachment 59706 [details]
Script file for `y'
Comment 3 Bernhard Rosenkraenzer 2002-06-10 11:53:07 EDT
This is intentional. 
Current versions of sudo clear the environment except for a couple of known 
safe variables to prevent security leaks (e.g. buffer overruns by passing 
invalid arguments to an application or stuff like export 
LD_PRELOAD=givemearootshell.so; sudo something_you_may_do). 
Comment 4 Trevin Beattie 2007-10-01 13:51:42 EDT
Please add this behavior to the sudo man page, and provide a mechanism for
passing specific environment variables to the process.
Comment 5 Trevin Beattie 2007-10-01 15:20:02 EDT
Disregard the second part of that request; I found it in the sudoers file.  Just
please document what you did in the man page.

Note You need to log in before you can comment on or make changes to this bug.