Potential security hole in Gentoo's default sudo config-- if I allow any EDITOR variable, someone could use EDITOR=/path/to/badcode with sudoedit
sudoedit is only mentioned in the comments in the default sudoers file, and is designed to invoke the editor with the privileges of the user, only the files are moved around as root. I think this bug is invalid, could you try EDITOR=vim and then !whoami or something.
Yep, I overlooked that part of sudoedit's operation.