how sudo handles $HOME

[Alex Murray]

On Wed, 2019-05-15 at 02:42:56 +0930, Dan Streetman wrote:

> in Ubuntu, sudo retains the calling user's $HOME
>
> this is different from upstream sudo as well as all other UNIXes and
> even the sudo documentation we provide.  Should we remove our custom
> patch that adds this behavior?

I would argue that our current behaviour provides a more usable default
(eg. running vim via sudo uses your own configuration so you don't have
to maintain a copy of it in /root) and in the case of a machine with
multiple sudo users, they all get to use their own configuration rather
than a single configuration under /root.

However, it does diverge from upstream and so for new users this creates
a surprising situation if they are used to and expect the upstream
behaviour - (see comments 6 and 7 in
https://bugs.launchpad.net/ubuntu/+source/sudo/+bug/760140) - plus it
seems we do not document this change in the man page and so we are
creating even more surprises for our users.

>From a security point of view I do not see any advantage from either
behaviour, so it is really more a usability question IMO.

>
> for reference and more details on downsides of our current sudo behavior, see:
> https://bugs.launchpad.net/ubuntu/+source/sudo/+bug/1556302
>
> Note that I have kind-of hijacked the bug, as I believe the issue is
> larger than the python-based example in that bug.
>
> Also as I commented in that bug, I do not recommend changing the
> behavior for existing releases.  But I do think we should change the
> behavior starting in Eoan and future releases.

I agree if this is changed we should not try and SRU it back.