Bug 424

Summary: carat truncation problem with sudo 1.7.2p5
Product: Sudo Reporter: Don <don-davis>
Component: SudoAssignee: Todd C. Miller <Todd.Miller>
Status: RESOLVED INVALID    
Severity: normal    
Priority: low    
Version: 1.7.2   
Hardware: IBM   
OS: AIX   

Description Don 2010-07-30 16:15:17 MDT 
I have upgraded from 1.6.7p5 to 1.7.2p5 and now have a problem with a script that executes a command with several parameters.
Specifically this command is truncated at the carat:

winstsp -f -D LPinputVAR=$2 @EncoreWSUpdate-WkAllRb_NO^19 $1

If I put double-quotes around "@....19" it executes properly.  The problem is that I have hundreds of these files that are generated by Tivoli Software Distribution.

The 1.6.7p5 version worked.  
Thanks
Comment 1 Todd C. Miller 2010-07-30 16:59:21 MDT 
Is the @....19 part listed in the sudoers file or only in your script?  I'm guessing that it is only in the script since "^" is not a special character in the sudoers file.

The way the environment is handled has changed between sudo 1.6.7 and 1.7.2 so that might be causing you problems.  Beginning with sudo 1.6.9 sudo runs commands with a minimal environment, plus the environment variables that were explicitly allowed.  You can go back to the old behavior with a line like the following in sudoers:

Defaults !env_reset

You might try that and see if it changes the behavior. If so, you can either leave things this way (but note that there are security implications) or try to determine which environment variable it is that you need an explicitly allow it with an env_keep line in sudoers.
Comment 2 Todd C. Miller 2011-01-28 16:17:36 MST 
No additional feedback from submitter.