nmcli: set LESSSECURE=1 (unless already set)lr/make-less-less-insecure

Apparently, the pager being able to execute commands takes some people by surprpise, making their poor configuration choices have consequences. Let's pray for some mercy on their souls with the LESSECURE variable, which makes less less likely to conduct evil deeds. Systemd also deals with this, but being systemd they make it as complicated as possible. We just set it unconditionally, hoping nobody wanted the extra functionality and they're in only for the scrolling. If anyone minds they can just set LESSSECURE=0 and we'll leave it alone. See also: SYSTEMD_PAGERSECURE in systemctl(1) manual.
author: Lubomir Rintel <lkundrak@v3.sk> 2023-03-06 08:57:59 +0100
committer: Lubomir Rintel <lkundrak@v3.sk> 2023-03-06 10:58:34 +0100
commit: 010ecfe9ea0b411cee531478ade49fb70b55d2ff (patch)
tree: 3aca9e5c6e0c28664fa28e7d9e7395b4e58b12aa
parent: 308e224e8e75adba3ae951bafdf977eb7d9ccbf5 (diff)
1 files changed, 1 insertions, 0 deletions
diff --git a/src/nmcli/utils.c b/src/nmcli/utils.c
index 2c155fff24..7d446cef24 100644
--- a/src/nmcli/utils.c
+++ b/src/nmcli/utils.c
@@ -1467,6 +1467,7 @@ nmc_terminal_spawn_pager(const NmcConfig *nmc_config)
     ev = g_get_environ();
     ev = g_environ_setenv(ev, "LESS", "FRSXMK", TRUE);
     ev = g_environ_setenv(ev, "LESSCHARSET", "utf-8", TRUE);
+    ev = g_environ_setenv(ev, "LESSSECURE", "1", FALSE);
 
     pager_pid = fork();
     if (pager_pid == -1) {
author	Lubomir Rintel <lkundrak@v3.sk>	2023-03-06 08:57:59 +0100
committer	Lubomir Rintel <lkundrak@v3.sk>	2023-03-06 10:58:34 +0100
commit	010ecfe9ea0b411cee531478ade49fb70b55d2ff (patch)
tree	3aca9e5c6e0c28664fa28e7d9e7395b4e58b12aa
parent	308e224e8e75adba3ae951bafdf977eb7d9ccbf5 (diff)