Allow preservation of variables in the default list to be disabled

[konsolebox]

If I'm reading the code correctly default variables that are enabled for preservation are specified in the initial_keepenv_table variable in plugins/sudoers/env.c, correct? If possible can preservation of these variables be allowed to be disabled through an option like --no-preserve-env=VAR? I know env -u VAR sudo ... can be a good workaround but better have the capability in sudo itself since it's the one responsible for allowing the default list.

[konsolebox]

It seems like I misinterpreted initial_keepenv_table too. It seems to be used differently from --preserve-env.

Specifying a custom value through the environment file (not the configuration file which is /etc/security/pam_env.conf), a variable still gets overridden even it's specified through --preserve-env. I've tested this by running sudo -Hu user --preserve-env=VARIABLE env. However, if a variable is specified in initial_keepenv_table, like DISPLAY, HOSTNAME or XDG_CURRENT_DESKTOP, the variable DOES NOT get overridden. Note that HOSTNAME variable may not be exported so be mindful about it.