[sudo-users] problem in sudo-1.8.10p3-2.1.6; breakage from sudo-1.8.7-5.1.3

L. A. Walsh sudo at tlinx.org
Wed May 27 19:47:38 MDT 2015


Todd C. Miller wrote:
> BTW, you should be able to tell if sudo really is clearing the
> environment by comparing the output of "env" to "sudo env".
>
>  - todd
>   
You mean like this:
>  env |sort >/tmp/env
>  diff -t2 -w80 -y /tmp/{env,sudoenv} >/tmp/diffs
>  sudo env |sort >/tmp/sudoenv

BASH_FUNC___age%%=() {  declare ns=$(date +"%N");               <
BASH_FUNC__path_append%%=() {  _path_op '$1=\"${!1}:$2\"' "$@"  <
BASH_FUNC__path_delete%%=() {  _path_op '$1=\"${!1//*(:$2|$2:)/ <
BASH_FUNC__path_has_subpath%%=() {  [[ ${!1} =~ (:$2:|^$2:|:$2$ <
BASH_FUNC__path_op%%=() {  (($#<3)) && return 1;                <
BASH_FUNC__path_prepend%%=() {  _path_op '$1=\"$2:${!1}\"' "$@" <
BASH_FUNC_chr%%=() {  local nl="" fmt;                          <
BASH_FUNC_cygwin%%=() {  return 1                               <
BASH_FUNC_datestamp%%=() {  local dstring="%Y%m%d.%H%M%S";      <
BASH_FUNC_gvim%%=() {  declare -a orig_args=($@) gv_files=() gv <
BASH_FUNC_include%%=() {  [[ -n $1 ]] || return 1;              <
BASH_FUNC_isatty%%=() {  test -c /proc/self/fd/1                <
BASH_FUNC_mc%%=() {  . /usr/share/mc/mc-wrapper.sh              <
BASH_FUNC_ord%%=() {  local nl="";                              <
BASH_FUNC_showsize%%=() {  local s=$(stty size);                <
BASH_FUNC_spwd%%=() {  (($#)) || {                              <
BASH_FUNC_suffix%%=() {  local -i t i;                          <
BASH_FUNC_titlebar%%=() {  printf "\033]1;${qUSER}@${HOSTNAME}: <
COLORTERM=1                                                        
COLORTERM=1
DISPLAY=athenae.hs.tlinx.org:0                                  |  
DISPLAY=:0.0
LD_LIBRARY_PATH=/libdl                                          <
REMOTEHOST=athenae.hs.tlinx.org                                 |  
REMOTEHOST=
                                                                >  
SUDO_COMMAND=/usr/bin/env
                                                                >  
SUDO_GID=201
                                                                >  
SUDO_UID=5013
                                                                >  
SUDO_USER=law
_=/usr/bin/env                                                  |  
_=/usr/bin/sudo


The above doesn't look like sudo, sorry.
It looks like a suse change, but looking through
the pam.d lib/security stuff -- can't find
where ...still looks like my previously disabling
it, is in place....

I'll keep looking till I find it... obviously, it's
not acceptable to me to have sudo some how indirectly
clear the above...




More information about the sudo-users mailing list