After reviewing the patch differences between 1.2 and 1.3 I can see why
it's broken. Looks like [EMAIL PROTECTED] submitted a half-done
security patch.
His end goal of making sudo require users to white-list environment
variables rather than black-list them may have merit or it may not. It
doesn't matter though, since his code doesn't allow for a white-list, it
just removes EVERYTHING.
This change is the only difference between 1.2 and 1.3.
Please undo all of his 1.3 changes ASAP. This version is totally hosed.
<mailto:[EMAIL PROTECTED]>
begin:vcard
fn:Jeremy Yoder
n:Yoder;Jeremy
org:UGS - Transforming the process of innovation
adr:Suite 100;;2600 Green Road;Ann Arbor;MI;48105;USA
email;internet:[EMAIL PROTECTED]
title:Software Engineer
tel;work:734-623-5808
tel;fax:734-995-6171
x-mozilla-html:TRUE
url:http://www.ugs.com/
version:2.1
end:vcard
