I too would like to register a complaint about broken working methods with sudo 1.6.8p7-1.3.
The preservation of all environment variables is not necessarily a security flaw when done by a user with ALL commands sudoers rights. When such a user is using 'sudo -s', it can be highly desirable not purge any environment variables, so that a suitably authorized user can gain root whilst carrying with them their preferred shell environment, including any temporary settings they may have made in the current session. The sudo 1.6.8p7-1.3 package totally removes this facility. There is no provision made for accessing the old behaviour through configuration, and there is no documentation of this major change in package behaviour. Doing this in 'stable' rather mocks the name of the distribution. Please restore this lost functionality. In the mean time, I have rolled back to 1.6.8p7-1.2. Max.
signature.asc
Description: OpenPGP digital signature
