diff options
author | Lennart Poettering <lennart@poettering.net> | 2020-08-31 19:37:13 +0200 |
---|---|---|
committer | Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> | 2020-10-07 09:23:07 +0200 |
commit | 612ebf6c913dd0e4197c44909cb3157f5c51a2f0 (patch) | |
tree | c6c18f8593c47cfba8850b68718bc3157c960ea3 /src/shared | |
parent | 5b49641015adcc7e8edbb9e8e54d5ac5ddf3bf52 (diff) | |
download | systemd-612ebf6c913dd0e4197c44909cb3157f5c51a2f0.tar.gz |
pager: set $LESSSECURE whenver we invoke a pager
Some extra safety when invoked via "sudo". With this we address a
genuine design flaw of sudo, and we shouldn't need to deal with this.
But it's still a good idea to disable this surface given how exotic it
is.
Prompted by #5666
Diffstat (limited to 'src/shared')
-rw-r--r-- | src/shared/pager.c | 23 |
1 files changed, 21 insertions, 2 deletions
diff --git a/src/shared/pager.c b/src/shared/pager.c index e03be6d23b..9c21881241 100644 --- a/src/shared/pager.c +++ b/src/shared/pager.c @@ -9,6 +9,7 @@ #include <unistd.h> #include "copy.h" +#include "env-util.h" #include "fd-util.h" #include "fileio.h" #include "io-util.h" @@ -152,8 +153,7 @@ int pager_open(PagerFlags flags) { _exit(EXIT_FAILURE); } - /* Initialize a good charset for less. This is - * particularly important if we output UTF-8 + /* Initialize a good charset for less. This is particularly important if we output UTF-8 * characters. */ less_charset = getenv("SYSTEMD_LESSCHARSET"); if (!less_charset && is_locale_utf8()) @@ -164,6 +164,25 @@ int pager_open(PagerFlags flags) { _exit(EXIT_FAILURE); } + /* People might invoke us from sudo, don't needlessly allow less to be a way to shell out + * privileged stuff. */ + r = getenv_bool("SYSTEMD_LESSSECURE"); + if (r == 0) { /* Remove env var if off */ + if (unsetenv("LESSSECURE") < 0) { + log_error_errno(errno, "Failed to uset environment variable LESSSECURE: %m"); + _exit(EXIT_FAILURE); + } + } else { + /* Set env var otherwise */ + if (r < 0) + log_warning_errno(r, "Unable to parse $SYSTEMD_LESSSECURE, ignoring: %m"); + + if (setenv("LESSSECURE", "1", 1) < 0) { + log_error_errno(errno, "Failed to set environment variable LESSSECURE: %m"); + _exit(EXIT_FAILURE); + } + } + if (pager_args) { r = loop_write(exe_name_pipe[1], pager_args[0], strlen(pager_args[0]) + 1, false); if (r < 0) { |