diff --git a/events/syscall/potential_local_privillege_escalation_via_env_var_misuse.go b/events/syscall/potential_local_privillege_escalation_via_env_var_misuse.go
index 01616698..ca21ebc9 100644
--- a/events/syscall/potential_local_privillege_escalation_via_env_var_misuse.go
+++ b/events/syscall/potential_local_privillege_escalation_via_env_var_misuse.go
@@ -28,10 +28,9 @@ var _ = events.Register(PotentialLocalPrivillegeEscalation)
 
 func PotentialLocalPrivillegeEscalation(h events.Helper) error {
     // Set the GLIBC_TUNABLES environment variable
-    os.Setenv("GLIBC_TUNABLES", "glibc.tune.hwcaps=-WAITED,glibc.tune.secrets=2")
-
     cmd := exec.Command("bash", "-c", "id")
     cmd.Env = os.Environ()
+    cmd.Env = append(cmd.Env, "GLIBC_TUNABLES=glibc.tune.hwcaps=-WAITED,glibc.tune.secrets=2")
 
     h.Log().Info("Process run with suspect environment variable which could be attempting privilege escalation")
     err := cmd.Run()