[sudo-users] can't pass environment variables to sudo env

Tiago Marques tiagomnm at gmail.com
Sat Sep 13 21:32:23 EDT 2008

Ok, tks!

The other thing I would like to know is if this was done for security
reasons. Was it? I would like to know if there's any risk in changing this

Best regards,

                          Tiago Marques

On Sun, Sep 14, 2008 at 2:20 AM, Todd C. Miller
<Todd.Miller at courtesan.com>wrote:

> In message <b1335fe90809131655k4c766282xaf7ad13eea4166d8 at mail.gmail.com>
>        so spake "Tiago Marques" (tiagomnm):
> > I've noticed that since sudo-1.6.8, i think, I can't pass useful
> environment
> > variables like RSYNC_PROXY, ACCEPT_KEYWORDS, USE, and other stuff I use
> in
> > Gentoo.
> >
> > Is there any worthwhile reason for sudo to now ignore the environment
> > variables, like security reasons? For me, this was a major loss in
> > functionality.
> The default behavior was changed to not pass environment variables
> to the process being run by sudo.  You have two basic options:
> 1) Restore the old behavior by placing a line like the following
>   in sudoers.
>        Defaults !env_reset
> 2) Add the variables you with to keep explicitly, e.g.
>        Defaults env_keep+="RSYNC_PROXY ACCEPT_KEYWORDS USE"
>  - todd

More information about the sudo-users mailing list