[RFE] su: Allow environment variable whitelisting for --login #221
Labels
TODO
We going to think about it ;-)
Comments
|
We already have --preserve-environment, it's now ignored for --login, but maybe we can improve it, and make it usable with --login when a list of env.variables is specified, for example |
|
It would be nice to be able to specify this distro-wide, in particular to help with: |
|
👍 |
karelzak
added a commit
that referenced
this issue
Aug 15, 2018
* usable with --login to whitelist specified environment variables * the list is ignored for the core variables like HOME, SHELL, USER, LOGNAME and PATH (su --login always resets these variables) Note that su(1) requires password and after successful authentication user has full control over the session, so he can set arbitrary environment variables. The whitelist makes things more user friendly only. The patch removes unnecessary optimization when allocate environ[]. It seems better to keep all in glibc hands and just reset the environment array only. Addresses: #221 Signed-off-by: Karel Zak <kzak@redhat.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
This would be similar to sudo's feature
Defaults env_keep += "ENVNAME"in/etc/sudoers.The text was updated successfully, but these errors were encountered: