[sudo-users] sudo promotes breaking pam_env security model.

Todd C. Miller Todd.Miller at courtesan.com
Wed Aug 6 12:28:47 MDT 2014

Sudo uses pam_env (if configured in /etc/pam.d/sudo) because the
command is being run as a different user with a brand new environment
(with a few variables preserved from the old one).

I'm not sure why you think that pam_env is removing things from the
environment.  It can only remove variables already present in the
pam environment.  There is no way for it to remove variables from
the actual environment, other than to set them to an empty string.
What actually happens is that sudo merges the pam environment with
the new user environment.

If you want to preserve specific parts of the caller's environment,
you should be able to do that with env_keep settings in the sudoers

 - todd

More information about the sudo-users mailing list