Created attachment 548605 [details] fix for the off-by-1 issue Description of problem: sudo should (by default) close all file descriptors above 2. It actually closes all file descriptors above 3. Version-Release number of selected component (if applicable): Centos 5.7, sudo-1.7.2p1-10.el5. Verified to apply to the source package from RHEL. How reproducible: On a RHEL 5.7 system (with sudo 1.7.2p1-10.el5 . Didn't check earlier versions). Steps to Reproduce: # As root, run: cat <<EOF >script #!/bin/sh cat <&$1 EOF chmod +x script sudo script 3 <&3 /etc/fstab Actual results: Prints the file. Expected results: script: line 2: 0: Bad file descriptor Additional info: Attached patch sudo-close-fd3.diff demonstrates the fix: def_closefrom defaults to STDERR_FILENO + 1. No need to further increment it.
This request was evaluated by Red Hat Product Management for inclusion in the current release of Red Hat Enterprise Linux. Because the affected component is not scheduled to be updated in the current release, Red Hat is unfortunately unable to address this request at this time. Red Hat invites you to ask your support representative to propose this request, if appropriate and relevant, in the next release of Red Hat Enterprise Linux.