Jonathan Kamens <j...@kamens.us> writes: > apt-listchanges no longer calls less by default, it calls > sensible-pager. It feels to me like perhaps settings LESSSECURE should > be sensible-pager's job if anybody is going to do it, not > apt-listchanges's job. What do you think?
I'm not sure how sensible-pager could do this job, since it doesn't know whether it is being invoked in a circumstance where secure model should be enabled. That information is not part of its API, and enabling secure mode whenever it is invoked seems obviously incorrect. I assume the problem that the original bug reporter is trying to solve is that they want to grant sudo access to run apt upgrade, but that is equivalent to granting full root shell access because of: apt -> apt-listchanges -> less -> !command I think this is one of those awkward cases where there is no great place to put this configuration, because none of those components have enough information to know that it is appropriate. But I think the original bug report is correct that none of the features LESSSECURE disables are likely useful in the apt-listchanges context. The two places where it would make sense to set this to me are in the sudo configuration using env_file or the like, or setting it in apt-listchanges since apt-listchanges at least knows what it is invoking the pager to do and can make an educated guess at what UI options the user is likely to want. I think the other pieces in the chain have even less information and are even less suited to making this decision. Of those two options, having apt-listchanges do it would be less obscure (it's not immediately obvious that apt could run less), although possibly surprising. -- Russ Allbery (r...@debian.org) <https://www.eyrie.org/~eagle/>