[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: ${HOME} vs. g_get_home_dir ()

On 27/09/12 22:53, Josselin Mouette wrote:
> Le jeudi 27 septembre 2012 à 14:39 -0700, Josh Triplett a écrit : 
>> "sudo foo" leaves $HOME set to the user's
>> home directory rather than root
> This is a bug in sudo. There can be very dangerous things in $HOME

It's configurable, because each of you can be right in different
situations. I think the Debian default is to clear the environment
(except for a few whitelisted variables like LANG).

If only root-equivalent ("admin") users are allowed to sudo (as seen in
an out-of-the-box Ubuntu installation, or Debian when a user is in the
sudo group), then escalating privileges is a non-issue. In this case,
Josh's version is OK: passing environment variables through doesn't let
the user do anything they couldn't do already.

If certain users are granted sudo access to certain commands but are not
otherwise root-equivalent, then Josselin is right that it's not
generally safe to pass environment variables through: it's likely that
they can subvert those commands by careful choice of environment variables.


Reply to: