    sudo: restrict PATH to protect against privilege escalation attacks · 1eb1dd41
    Levente Polyak authored and Jelle van der Waa committed
    
    
    Protect from simple privilege escalation attacks on scripts that are
    granted privileged execution for unprivileged users by restricting
    the PATH to a static set.
    Without doing so, it is a trivial attack to provide a binary used
    by a privileged script that executes the former without an absolute path
    to escalate privileges by gaining code execution through that binary.
    
    Anything run with elevated privileges through sudo shall never ever
    have the possibility to pass on the unsanitized PATH from an
    unprivileged user.
    
    Signed-off-by: Levente Polyak <anthraxx@archlinux.org>
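A defender-side check for the restriction this commit describes, added here as an example and not taken from the commit or the package. It assumes the static PATH is expressed with the sudoers `Defaults secure_path` option (the page does not show the changed file); the function names, file names and path values are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit a sudoers-style file for a static secure_path.

# extract_secure_path FILE: print the value of the last active
# "Defaults secure_path=..." line (commented-out lines do not match).
extract_secure_path() {
    sed -n 's/^[[:space:]]*Defaults[[:space:]]\{1,\}secure_path[[:space:]]*=[[:space:]]*//p' "$1" \
        | tail -n 1 | sed 's/^"//; s/"[[:space:]]*$//'
}

# check_secure_path FILE: print one finding per entry; return 0 only when
# secure_path is set and every entry is a non-empty absolute path.
check_secure_path() {
    value=$(extract_secure_path "$1")
    if [ -z "$value" ]; then
        echo "FAIL: no secure_path set; the caller's PATH is passed on"
        return 1
    fi
    rc=0
    rest="$value:"
    # Split on ':'. A leading, trailing or doubled ':' yields an empty
    # entry, which PATH lookups treat as the current directory.
    while [ -n "$rest" ]; do
        entry=${rest%%:*}
        rest=${rest#*:}
        case "$entry" in
            "") echo "FAIL: empty entry (current directory)"; rc=1 ;;
            /*) echo "ok: $entry" ;;
            *)  echo "FAIL: relative entry '$entry'"; rc=1 ;;
        esac
    done
    return $rc
}

# Constructed samples (not from the page): one file with a static PATH,
# one that leaves the unprivileged user's PATH in place.
demo_dir=$(mktemp -d)
printf '%s\n' 'Defaults env_reset' \
    'Defaults secure_path="/usr/local/sbin:/usr/local/bin:/usr/bin"' > "$demo_dir/hardened"
printf '%s\n' 'Defaults env_reset' > "$demo_dir/inherits"
for f in hardened inherits; do
    echo "== $f"
    check_secure_path "$demo_dir/$f" || true
done
rm -rf "$demo_dir"
```

The check only reads the file's text; it does not cover per-user or per-command `Defaults` overrides or files pulled in by include directives.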