rfe: add SUDO_HOME variable

Question

rfe: add SUDO_HOME variable

stsp opened this issue a year ago · 3 comments

Hi, would it be possible to set the
SUDO_HOME variable before the
HOME variable is modified?

If HOME is preserved, then the program
that creates any files in a home dir,
should first setuid() to the SUDO_UID.
If HOME is not preserved, then no need
to change uid before creating files.
But currently sudo provides no means
to find if the HOME was preserved or
not. Therefore it would be good to add
SUDO_HOME, the same way as all the
other important variables are saved.

Answer 1 · 2024-03-08T16:22:29.000Z

I just committed 602a58e which adds SUDO_HOME to the environment.

Answer 2 · 2024-03-08T16:49:15.000Z

Thank you!
I had to use the wrapper script to do

  if [ -n "$SUDO_USER" -a -z "$SUDO_HOME" ]; then
    export SUDO_HOME=`getent passwd "$SUDO_USER" | cut -d: -f6`
  fi

which now won't be needed.

Answer 3 · 2024-03-08T16:57:49.000Z

You may also consider providing
some variable to indicate if the HOME
was changed or not.
Even though currently I can already
evaluate this by comparing SUDO_HOME
and HOME, who knows who else could
change HOME in between...
Since changed/unchanged HOME
influences on the program logic a lot
(needs setuid() before creating files,
if HOME was not changed),
it may make sense to add such an
indicator.