fdo-mirrors/NetworkManager
1
0
Fork 0
mirror of https://gitlab.freedesktop.org/NetworkManager/NetworkManager.git synced 2026-02-26 21:40:32 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

nmcli: set LESSSECURE=1 (unless already set)

Browse source 
Apparently, the pager being able to execute commands takes some people
by surprpise, making their poor configuration choices have consequences.

Let's pray for some mercy on their souls with the LESSECURE variable,
which makes less less likely to conduct evil deeds.

Systemd also deals with this, but being systemd they make it as
complicated as possible. We just set it unconditionally, hoping nobody
wanted the extra functionality and they're in only for the scrolling.
If anyone minds they can just set LESSSECURE=0 and we'll leave it alone.

See also: SYSTEMD_PAGERSECURE in systemctl(1) manual.
This commit is contained in:
Lubomir Rintel 2023-03-06 08:57:59 +01:00
parent 308e224e8e
commit 010ecfe9ea
1 changed files with 1 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
src/nmcli/utils.c
View file

@ -1467,6 +1467,7 @@ nmc_terminal_spawn_pager(const NmcConfig *nmc_config)
ev = g_get_environ();
ev = g_environ_setenv(ev, "LESS", "FRSXMK", TRUE);
ev = g_environ_setenv(ev, "LESSCHARSET", "utf-8", TRUE);
ev = g_environ_setenv(ev, "LESSSECURE", "1", FALSE);
pager_pid = fork();
if (pager_pid == -1) {