Bug List: (This bug is not in your last search results)   Show last search results      Search page      Enter new bug
Bug#: 117443
Alias:
Product:
Component:
Status: RESOLVED
Resolution: WONTFIX
Assigned To: Gentoo's Team for Core System packages <base-system@gentoo.org>
Hardware:
OS:
Version:
Priority:
Severity:
Reporter: Tobias Klausmann <klausman@gentoo.org>
Add CC:
CC:
Remove selected CCs
URL:
Summary:
Status Whiteboard:
Keywords:

Filename Description Type Creator Created Size Actions
Create a New Attachment (proposed patch, testcase, etc.) View All

Bug 117443 depends on: Show dependency tree
Bug 117443 blocks:
Votes: 0    Show votes for this bug    Vote for this bug

Additional Comments: (this is where you put emerge --info)


Not eligible to see or edit group visibility for this bug.






View Bug Activity   |   Format For Printing   |   XML   |   Clone This Bug

Description:   Opened: 2006-01-02 06:04 0000 
With newer releases of sys-apps/less and sys-apps/baselayout, the default is to
set LESSOPEN, which results in rich processing of files. This means for
example, that some logfiles of which libmagic (erronously) believes that they
are binary are displayed as a hexdump, which is utterly useless. Also,
PostScript files are tried to be interpeted in some way, which is unhelpful,
too (see example below).

This is the result of setting LESSOPEN in /etc/env.d/00basic. While some may
appreciate the comfort of this, it gets in the way of system administration
more often than it is helpful. Additionally, an unsuspecting user might want to
view an attachment he has gotten only to find out that a (potentially
vulnerable) client is used to view it. 

Thus, this behaviour should be *off* by default and a message should be
generated on installation that details how to switch it on.

The security impact isn't that great that I'd tag it accordingly, it's mostly a
matter of inconvenience.

Example of unwated behaviour:

$ less cal.ps 
Error: /undefined in ch-xoff
Operand stack:
   --nostringval--   --nostringval--   --nostringval--   --nostringval--   0
Execution stack:
   %interp_exit   .runexec2   --nostringval--   --nostringval--  
--nostringval--   2   %stopped_push   --nostringval--   --nostringval--   -
-nostringval--   false   1   %stopped_push   2   3   %oparray_pop   2   3  
%oparray_pop   2   3   %oparray_pop   .runexec2   --nostringval--
   --nostringval--   --nostringval--   2   %stopped_push   --nostringval--  
--nostringval--   --nostringval--   --nostringval--
Dictionary stack:
   --dict:1105/1417(ro)(G)--   --dict:0/20(G)--   --dict:72/200(L)--  
--dict:94/300(L)--
Current allocation mode is local
Last OS error: 2
Current file position is 4402
$ head cal.ps 
%!PS-Adobe-2.0
%%Creator: dvips(k) 5.86 Copyright 1999 Radical Eye Software
%%Title: cal.dvi
%%Pages: 12
%%PageOrder: Ascend
%%BoundingBox: 0 0 596 842
%%EndComments
%DVIPSWebPage: (www.radicaleye.com)
%DVIPSCommandLine: dvips cal.dvi -o cal.ps
%DVIPSParameters: dpi=600, compressed

------- Comment #1 From SpanKY 2006-01-02 11:00:12 0000 ------- 
LESSOPEN has *always* been enabled

if you want it off, just do:
# echo 'LESSOPEN=""' > /etc/env.d/99local
# env-update

------- Comment #2 From Tobias Klausmann 2006-01-03 05:21:50 0000 ------- 
Well, if it was always enabled, why haven't I ever noticed this behaviour
before?! Some goes for a colleague who runs his own machine which I don't even
have an account on. I can hardly believe that I never ever triggered this
behaviour before (and neither did he). Maybe the permissions of lesspipe.sh
changed. What does CVS say wrt changes to env.d/00basic?

------- Comment #3 From SpanKY 2006-01-03 06:23:19 0000 ------- 
you're assuming the wrong thing

lesspipe.sh itself has increased in terms of features, read the source

------- Comment #4 From Tobias Klausmann 2006-01-03 07:21:04 0000 ------- 
Ah, well, that explains it of course. Thanks for your time.

------- Comment #5 From Jakub Moc (RETIRED) 2007-05-22 16:55:39 0000 ------- 
*** Bug 179411 has been marked as a duplicate of this bug. ***
Bug List: (This bug is not in your last search results)   Show last search results      Search page      Enter new bug