Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 117443 - sys-apps/less default rich processing
Summary: sys-apps/less default rich processing
Status: RESOLVED WONTFIX
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: [OLD] baselayout (show other bugs)
Hardware: All Linux
: High normal (vote)
Assignee: Gentoo's Team for Core System packages
URL:
Whiteboard:
Keywords:
: 179411 (view as bug list)
Depends on:
Blocks:
 
Reported: 2006-01-02 06:04 UTC by Tobias Klausmann
Modified: 2007-05-22 16:55 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Tobias Klausmann gentoo-dev 2006-01-02 06:04:31 UTC
With newer releases of sys-apps/less and sys-apps/baselayout, the default is to set LESSOPEN, which results in rich processing of files. This means for example, that some logfiles of which libmagic (erronously) believes that they are binary are displayed as a hexdump, which is utterly useless. Also, PostScript files are tried to be interpeted in some way, which is unhelpful, too (see example below).

This is the result of setting LESSOPEN in /etc/env.d/00basic. While some may appreciate the comfort of this, it gets in the way of system administration more often than it is helpful. Additionally, an unsuspecting user might want to view an attachment he has gotten only to find out that a (potentially vulnerable) client is used to view it. 

Thus, this behaviour should be *off* by default and a message should be generated on installation that details how to switch it on.

The security impact isn't that great that I'd tag it accordingly, it's mostly a matter of inconvenience.

Example of unwated behaviour:

$ less cal.ps 
Error: /undefined in ch-xoff
Operand stack:
   --nostringval--   --nostringval--   --nostringval--   --nostringval--   0
Execution stack:
   %interp_exit   .runexec2   --nostringval--   --nostringval--   --nostringval--   2   %stopped_push   --nostringval--   --nostringval--   -
-nostringval--   false   1   %stopped_push   2   3   %oparray_pop   2   3   %oparray_pop   2   3   %oparray_pop   .runexec2   --nostringval--
   --nostringval--   --nostringval--   2   %stopped_push   --nostringval--   --nostringval--   --nostringval--   --nostringval--
Dictionary stack:
   --dict:1105/1417(ro)(G)--   --dict:0/20(G)--   --dict:72/200(L)--   --dict:94/300(L)--
Current allocation mode is local
Last OS error: 2
Current file position is 4402
$ head cal.ps 
%!PS-Adobe-2.0
%%Creator: dvips(k) 5.86 Copyright 1999 Radical Eye Software
%%Title: cal.dvi
%%Pages: 12
%%PageOrder: Ascend
%%BoundingBox: 0 0 596 842
%%EndComments
%DVIPSWebPage: (www.radicaleye.com)
%DVIPSCommandLine: dvips cal.dvi -o cal.ps
%DVIPSParameters: dpi=600, compressed
Comment 1 SpanKY gentoo-dev 2006-01-02 11:00:12 UTC
LESSOPEN has *always* been enabled

if you want it off, just do:
# echo 'LESSOPEN=""' > /etc/env.d/99local
# env-update
Comment 2 Tobias Klausmann gentoo-dev 2006-01-03 05:21:50 UTC
Well, if it was always enabled, why haven't I ever noticed this behaviour before?! Some goes for a colleague who runs his own machine which I don't even have an account on. I can hardly believe that I never ever triggered this behaviour before (and neither did he). Maybe the permissions of lesspipe.sh changed. What does CVS say wrt changes to env.d/00basic?
Comment 3 SpanKY gentoo-dev 2006-01-03 06:23:19 UTC
you're assuming the wrong thing

lesspipe.sh itself has increased in terms of features, read the source
Comment 4 Tobias Klausmann gentoo-dev 2006-01-03 07:21:04 UTC
Ah, well, that explains it of course. Thanks for your time.
Comment 5 Jakub Moc (RETIRED) gentoo-dev 2007-05-22 16:55:39 UTC
*** Bug 179411 has been marked as a duplicate of this bug. ***