sudo does all this crap “to remain secure”:

Variables that control how dynamic loading and binding is done can be used to subvert the program that sudo runs.  To combat this the LD_*, _RLD_*, SHLIB_PATH (HP-UX only), and LIBPATH (AIX only) environment variables are removed from the environment passed on to all commands executed.  sudo will also remove the IFS, CDPATH, ENV, BASH_ENV, KRB_CONF, KRBCONFDIR, KRBTKFILE, KRB5_CONFIG, LOCALDOMAIN, RES_OPTIONS, HOSTALIASES, NLSPATH, PATH_LOCALE, TERMINFO, TERMINFO_DIRS and TERMPATH variables as they too can pose a threat.

What a useless waste of time. As the man page says:

There is no easy way to prevent a user from gaining a root shell if that user is allowed to run arbitrary commands via sudo.

So what’s the *(%#@&#$ use of crippling the environment? I’ve been trying to get a successful root-initiated [make install] going from a user-initiated script file, and sudo has wasted my time. [su] to the rescue. This will use your proper root environment:

su -c "make install" -

The downsides are that you’ll be prompted for your password every time you call su, and you have to use the root password. But sudo is worthless.

/rant

UPDATE: [su] is no better. I lied, you still won’t get your full environment. The only solution is to actually RUN your shell environment scripts yourself from a batch file that you execute with -c. Live and learn.
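
Added example (not part of the original post): a small POSIX shell check that reports which variables in the current environment are on the removal list quoted from the sudo man page above, which is the first thing to look at when a build behaves differently under sudo. The function names are hypothetical, and the list is only the one quoted here; running `sudo -V` as root prints the lists your installed version actually uses.

```shell
#!/bin/sh
# Added example: names and patterns come from the sudo man page text
# quoted in the post; the function names are hypothetical.

# Return 0 if the variable NAME is on the quoted removal list.
is_stripped_by_sudo() {
    case "$1" in
        LD_*|_RLD_*) return 0 ;;                               # dynamic loader controls
        SHLIB_PATH|LIBPATH) return 0 ;;                        # HP-UX / AIX loader paths
        IFS|CDPATH|ENV|BASH_ENV) return 0 ;;                   # shell behaviour
        KRB_CONF|KRBCONFDIR|KRBTKFILE|KRB5_CONFIG) return 0 ;; # Kerberos
        LOCALDOMAIN|RES_OPTIONS|HOSTALIASES) return 0 ;;       # resolver
        NLSPATH|PATH_LOCALE) return 0 ;;                       # message catalogs
        TERMINFO|TERMINFO_DIRS|TERMPATH) return 0 ;;           # terminal database
    esac
    return 1
}

# Read variable names on stdin (one per line); print the listed ones, sorted.
filter_stripped() {
    while IFS= read -r name; do
        if is_stripped_by_sudo "$name"; then printf '%s\n' "$name"; fi
    done | LC_ALL=C sort
}

# Names of variables in the current environment. awk's ENVIRON is used
# instead of parsing `env` output, which breaks on values with newlines.
current_env_names() {
    awk 'BEGIN { for (k in ENVIRON) print k }'
}

# Print the variables this shell would lose under the quoted list.
report() {
    current_env_names | filter_stripped
}

report
```

Any name it prints that your build depends on has to be set again inside the command that runs as root, which is what the update above ends up doing by hand.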
