Pretty ridiculous it will pipe out to pdf2text. If I’m running less on a pdf, it’s probably because I’m so wary of it being malicious I don’t trust a pdf parser to handle.
This architecture could be abused. If distros implement html previewing using a headless webkit browser then
you could get owned by a webkit zero day. Now that I think about it, the situation with less seems quite similar to the the situation with ldd
I’ve always found this type of indirection quite frustrating. When I call less I’d like to know that it’s actually calling less. Unless I make a conscious decision to redirect it with aliases or scripts at which point I take responsibility for any stability or security issues).