[sudo-users] security bug -- sudo undefines functions in environment

Tim Bradshaw tfb at tfeb.org
Thu Aug 7 05:17:44 MDT 2014

On 6 Aug 2014, at 17:00, Todd C. Miller <Todd.Miller at courtesan.com> wrote:

> I believe that these systems store the environment as a tree
> internally.

There are clearly massive bogons here.

Given this crappy program:

#include <stdio.h>
#include <stdlib.h>

int main(int argc, char *argv[]) {
  int i;
  for (i = 1; i < argc; i++) {
    char *ei = getenv(argv[i]);
    if (ei) {
      printf("ENV '%s' = '%s'\n", argv[i], ei);
    } else {
      printf("NOENV '%s'\n", argv[i]);
  return 0;

Then on OS X I can look up PATH, but I can also look up PATH=anything=at-all (and get the value of PATH).  On Linux I can only look up PATH: the others fail.

Oh Unix, I love you so much.

More information about the sudo-users mailing list