[sudo-users] can't pass environment variables to sudo env
Tiago Marques
tiagomnm at gmail.com
Sat Sep 13 21:32:23 EDT 2008
Ok, tks!
The other thing I would like to know is if this was done for security
reasons. Was it? I would like to know if there's any risk in changing this
behavior.
Best regards,
Tiago Marques
On Sun, Sep 14, 2008 at 2:20 AM, Todd C. Miller
<Todd.Miller at courtesan.com>wrote:
> In message <b1335fe90809131655k4c766282xaf7ad13eea4166d8 at mail.gmail.com>
> so spake "Tiago Marques" (tiagomnm):
>
> > I've noticed that since sudo-1.6.8, i think, I can't pass useful
> environment
> > variables like RSYNC_PROXY, ACCEPT_KEYWORDS, USE, and other stuff I use
> in
> > Gentoo.
> >
> > Is there any worthwhile reason for sudo to now ignore the environment
> > variables, like security reasons? For me, this was a major loss in
> > functionality.
>
> The default behavior was changed to not pass environment variables
> to the process being run by sudo. You have two basic options:
>
> 1) Restore the old behavior by placing a line like the following
> in sudoers.
>
> Defaults !env_reset
>
> 2) Add the variables you with to keep explicitly, e.g.
>
> Defaults env_keep+="RSYNC_PROXY ACCEPT_KEYWORDS USE"
>
> - todd
>
More information about the sudo-users
mailing list