Bug 182

Summary: unstripped variables
Product: Sudo
Reporter: Tavis Ormandy <taviso>
Component: Sudo
Assignee: Todd C. Miller <Todd.Miller>
Status: RESOLVED FIXED    
Severity: normal    
Priority: normal    
Version: 1.6.8   
Hardware: PC   
OS: Linux   
Attachments: patch to nix PS4 and SHELLOPTS irt CAN-2004-1051

Description Tavis Ormandy 2005-06-05 13:40:52 MDT
Regarding CAN-2004-1051, I suppose SHELLOPTS should also be stripped for 
completeness.

$ csh # SHELLOPTS is marked readonly in bash.
% setenv SHELLOPTS xtrace
% setenv PS4 '$(id)'
% sudo /any/bash/script
uid=0(root) gid=0(root) groups=0(root)
...
Comment 1 Scott Doty 2005-10-27 14:57:07 MDT
Created attachment 39
patch to nix PS4 and SHELLOPTS irt CAN-2004-1051

Maybe the Mandriva folks should have submitted this... (see Bugtraq for
their security notice)

 -Scott Doty <scott@sonic.net>
Comment 2 Todd C. Miller 2005-10-28 12:39:40 MDT
Fixed in sudo 1.6.8p10
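
The stripping discussed in this report, sketched as an added example (not sudo's code and not the attached patch): a privileged launcher removes PS4 and SHELLOPTS from the environment before it runs a bash script. The helper name scrub_env and the two-entry list are assumptions for illustration; the sample environment is constructed.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* The two names from this report; a real list is longer (illustrative only). */
static const char *const strip_names[] = { "PS4", "SHELLOPTS", NULL };

/* 1 if entry is NAME or NAME=value for a listed NAME. The whole name must
 * match, so PS4X=... is kept while PS4=... is dropped. */
static int is_stripped(const char *entry)
{
    const char *eq = strchr(entry, '=');
    size_t len = eq ? (size_t)(eq - entry) : strlen(entry);

    for (size_t i = 0; strip_names[i] != NULL; i++)
        if (strlen(strip_names[i]) == len &&
            strncmp(entry, strip_names[i], len) == 0)
            return 1;
    return 0;
}

/* Hypothetical helper: returns a new NULL-terminated array without the
 * listed variables. Every occurrence is dropped, because a caller can pass
 * the same name twice. Strings are shared with envp; free only the array.
 * Returns NULL on allocation failure. */
char **scrub_env(char *const envp[])
{
    size_t n = 0, kept = 0;

    while (envp[n] != NULL)
        n++;
    char **out = malloc((n + 1) * sizeof(*out));
    if (out == NULL)
        return NULL;
    for (size_t i = 0; i < n; i++)
        if (!is_stripped(envp[i]))
            out[kept++] = envp[i];
    out[kept] = NULL;
    return out;
}

int main(void)
{
    /* Constructed sample environment, modelled on the session in the report. */
    char *env[] = { "PATH=/usr/bin", "SHELLOPTS=xtrace", "PS4=$(id)",
                    "PS4X=kept", "SHELLOPTS=again", NULL };
    char **clean = scrub_env(env);

    for (size_t i = 0; clean != NULL && clean[i] != NULL; i++)
        puts(clean[i]);
    free(clean);
    return 0;
}
```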