https://bugzilla.redhat.com/show_bug.cgi?id=1676961
--- Comment #7 from Thomas Walker Lynch <thomas.walker.lynch(a)gmail.com> ---
to be more clear, to write programs to help users do system tasks, where the
knowledge of who the user is is required. That is why there is an inherited
uid in addition to the effective uid. There are workarounds, such as passing
identifying information through the environment, but those work arounds are not
secure, because, unlike the inherited uid, the environment may be spoofed. ..
that is why the inherited uid and such identification is handled by the OS
instead of the application layer, but sudo is currently defeating this
mechanism. And thus, indeed, I do believe it is a bug.
--
You are receiving this mail because:
You are the assignee for the bug.