Red Hat Bugzilla – Bug 66043
sudo removes environment variables
Last modified: 2007-10-01 15:20:02 EDT
Description of Problem:
sudo removes certain environment variables from a process.
The following little scripts exemplifies exactly what is
happening: see attached `x' and `y'.
Run `x' and you see:
X = x
Y = y
Z = z
LOCAL is undefined
TMP is undefined
RE is undefined
TM is undefined
Version-Release number of selected component (if applicable):
Steps to Reproduce:
1. run `./x' on command line
Created attachment 59705 [details]
Script file for `x'
Created attachment 59706 [details]
Script file for `y'
This is intentional.
Current versions of sudo clear the environment except for a couple of known
safe variables to prevent security leaks (e.g. buffer overruns by passing
invalid arguments to an application or stuff like export
LD_PRELOAD=givemearootshell.so; sudo something_you_may_do).
Please add this behavior to the sudo man page, and provide a mechanism for
passing specific environment variables to the process.
Disregard the second part of that request; I found it in the sudoers file. Just
please document what you did in the man page.