Alternate program for 'less' linux command/Making 'less' Secure

2

5

I want to write an interactive program like the 'less' command for Linux. The reason I can't use less in my setup is that you can execute shell commands from within the less prompt with '!cmd', which can be a major security risk for any production box.

My preferred language is C; however, if anyone can suggest any other similar program, that will be great too, owing to the time I have on my hands.

I know one option would be to browse through the less source code, but it looks like that is not very straightforward in a short time either.

Tongs answered 2/4, 2014 at 14:53 Comment(4)
You should approach the security problem more in depth - the command should be run inside an unprivileged shell (maybe even a chroot), so even if an attacker gains access to a shell it won't have security implications. - Anabel
Wouldn't a better title for this question be Making less more secure? As is, it's an X-Y problem. - Cheder
Even if you could write this program, if you can log into the system and run it, then you could run other shell commands as well, so I fail to see how preventing a pager program from running other commands makes your system any more secure... - Gathers
@Cheder That might be a better title for the accepted answer, but the question desires something other than less; so, the question would have to be edited in addition to the title, were it to be changed, in order for it to make much sense to people reading it. - Centesimal
13

Amazing, I got the answer in the man page of less itself. You can disable this stuff using one of the variables.

SECURITY
       When the environment variable LESSSECURE is set to 1, less runs in a "secure" mode. This means these features are disabled:

          !      the shell command
          |      the pipe command
          :e     the examine command.
          v      the editing command
          s  -o  log files
          -k     use of lesskey files
          -t     use of tags files
                 metacharacters in filenames, such as *
                 filename completion (TAB, ^L)

       Less can also be compiled to be permanently in "secure" mode.
Tongs answered 2/4, 2014 at 14:57 Comment(0)
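One way to apply the LESSSECURE setting from the answer above so that the caller cannot unset it, as an added example (not code from the original post or from the less project): a small C launcher that starts less with an environment built from scratch. The path `/usr/bin/less`, the fixed `PATH` value and the helper names are assumptions, and the launcher only helps if it is the user's only route to less.

```c
/* Added example: start less in "secure" mode with a clean environment. */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>

#define LESS_PATH "/usr/bin/less"   /* assumption: where less is installed */

/* Accept only short, plain terminal names; anything else is rejected. */
static int term_is_sane(const char *t)
{
    size_t n = t ? strlen(t) : 0;
    if (n == 0 || n > 32) return 0;
    return strspn(t, "abcdefghijklmnopqrstuvwxyz"
                     "ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789-_+.") == n;
}

/* Fill envp[] (at least 4 slots) with the only variables less will see.
 * Nothing is inherited, so the caller cannot unset LESSSECURE or pass
 * LESS, LESSOPEN, LESSKEY and similar variables through.
 * Returns the number of variables set. */
static size_t build_secure_env(const char *term, char *termbuf, size_t len,
                               char *envp[])
{
    size_t n = 0;
    envp[n++] = "LESSSECURE=1";
    envp[n++] = "PATH=/usr/bin:/bin";       /* assumption: fixed system PATH */
    snprintf(termbuf, len, "TERM=%s", term_is_sane(term) ? term : "dumb");
    envp[n++] = termbuf;
    envp[n] = NULL;
    return n;
}

int main(int argc, char *argv[])
{
    char termbuf[48];
    char *envp[4];
    if (argc != 2) {
        fprintf(stderr, "usage: %s FILE\n", argv[0]);
        return 2;
    }
    build_secure_env(getenv("TERM"), termbuf, sizeof termbuf, envp);
    /* "--" ends option parsing, so a file name starting with '-' stays a name. */
    char *args[] = { "less", "--", argv[1], NULL };
    execve(LESS_PATH, args, envp);
    perror("execve");                       /* reached only if exec failed */
    return 127;
}
```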
-2

'less' / 'more' are processes or programs by themselves. You read the output of the other command which you run (probably you will be redirecting with a pipe | ), and parse through it like a file and print every 10 lines.

This can simply be done with Python or with C, but the logic should be the same.

Dreadfully answered 2/4, 2014 at 15:0 Comment(3)
I clearly said that I want either the name of an alternative program which has the same features or the program itself. - Tongs
I also read that you wanted to write a program (preferably in C) and that it would be great to know the program name if it exists. - Dreadfully
@Tongs no you didn't, I read your question several times, and it clearly says you want to write a program by yourself. Nowhere did I read that you want the program itself. - Gladwin
