From: Todd C. Miller <Todd.Miller@courtesan.com>
Date: Tue, 8 Jan 2002 14:20:57 +0000 (+0000)
Subject: Defer assigning new environment until right before the exec.
X-Git-Tag: SUDO_1_6_4~17
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=53299b78a0e1bbb5978520f14e1d412cb8c0f2ef;p=sudo

Defer assigning new environment until right before the exec.
---

diff --git a/sudo.c b/sudo.c
index 8528f6107..2df2f0f4e 100644
--- a/sudo.c
+++ b/sudo.c
@@ -155,6 +155,7 @@ main(argc, argv, envp)
     int cmnd_status;
     int sudo_mode;
     int pwflag;
+    char **new_environ;
     sigaction_t sa;
     extern int printmatches;
     extern char **environ;
@@ -271,8 +272,8 @@ main(argc, argv, envp)
 	    log_error(NO_MAIL|MSG_ONLY, "no passwd entry for %s!", *user_runas);
     }
 
-    /* Customize environment and get rid of any nasty bits. */
-    environ = rebuild_env(sudo_mode, envp);
+    /* Build up custom environment that avoids any nasty bits. */
+    new_environ = rebuild_env(sudo_mode, envp);
 
     /* This goes after the sudoers parse since we honor sudoers options. */
     if (sudo_mode == MODE_KILL || sudo_mode == MODE_INVALIDATE) {
@@ -369,6 +370,9 @@ main(argc, argv, envp)
 	/* Become specified user or root. */
 	set_perms(PERM_RUNAS, sudo_mode);
 
+	/* Install the new environment. */
+	environ = new_environ;
+
 #ifndef PROFILING
 	if ((sudo_mode & MODE_BACKGROUND) && fork() > 0)
 	    exit(0);