https://ringzeropirate.github.io/en/tags/privilege-escalation/Recent content in Privilege-Escalation on RingZero PirateHugoen-USSat, 28 Mar 2026 00:00:00 +0000https://ringzeropirate.github.io/en/articles/sudo-env-bypass/Sat, 28 Mar 2026 00:00:00 +0000https://ringzeropirate.github.io/en/articles/sudo-env-bypass/Reading Time: 16 minutes Responsible Disclosure Notice — All findings described in this article were reported to Todd C. Miller (sudo maintainer) prior to publication. The upstream fix has been committed to the sudo-project/sudo repository. Full timeline is disclosed at the end of this article. Executive Summary During an independent audit of the plugins/sudoers/env.c module in sudo 1.9.17p2 / 1.9.18rc1, I identified seven environment variables that are silently passed through to privileged processes when env_reset is disabled (!