When sudo runs a command in shell mode, either via the -s or -i command line option, it escapes special characters in the command"s arguments with a backslash. The sudoers policy plugin will then remove the escape characters from the arguments before evaluating the sudoers policy if the command is being run in shell mode