Re: Information disclosure?

From: Jesper Wallin (jesper_at_hackunite.net)
Date: 04/22/05

Next message: Mike Silbersack: "Re: Information disclosure?"

Previous message: Pat Maddox: "Re: Information disclosure?"
In reply to: Pat Maddox: "Re: Information disclosure?"
Next in thread: Giorgos Keramidas: "Re: Information disclosure?"
Reply: Giorgos Keramidas: "Re: Information disclosure?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Fri, 22 Apr 2005 06:21:49 +0200
To: Pat Maddox <pergesu@gmail.com>

Heh, that sounds more like a ugly hack than a solution if you ask me.

Pat Maddox wrote:

>No, it's not meant to clear the buffer. If you need to clear the
>buffer, just cat a really, really long file.
>
>
>
>On 4/21/05, Jesper Wallin <jesper@hackunite.net> wrote:
>
>
>>Hello,
>>
>>For some reason, I thought little about the "clear" command today..
>>Let's say a privileged user (root) logs on, edit a sensitive file (e.g,
>>a file containing a password, running vipw, etc) .. then runs clear and
>>logout. Then anyone can press the scroll-lock command, scroll back up
>>and read the sensitive information.. Isn't "clear" ment to clear the
>>backbuffer instead of printing a full screen of returns? If it does, I'm
>>not sure how that would effect a user running "clear" on a pty (telnet,
>>sshd, screen, etc) ..
>>
>>Best regards,
>>Jesper Wallin
>>
>>_______________________________________________
>>freebsd-security@freebsd.org mailing list
>>http://lists.freebsd.org/mailman/listinfo/freebsd-security
>>To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"
>>
>>
>>
>_______________________________________________
>freebsd-security@freebsd.org mailing list
>http://lists.freebsd.org/mailman/listinfo/freebsd-security
>To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"
>
>

_______________________________________________
freebsd-security@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"

Next message: Mike Silbersack: "Re: Information disclosure?"

Previous message: Pat Maddox: "Re: Information disclosure?"
In reply to: Pat Maddox: "Re: Information disclosure?"
Next in thread: Giorgos Keramidas: "Re: Information disclosure?"
Reply: Giorgos Keramidas: "Re: Information disclosure?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

Re: Information disclosure?
... Pat Maddox wrote: ... | buffer, just cat a really, really long file. ... To unsubscribe, ...
(FreeBSD-Security)
Re: Information disclosure?
... >Pat Maddox wrote: ... >>buffer, just cat a really, really long file. ... > Heh, that sounds more like a ugly hack than a solution if you ask me. ...
(FreeBSD-Security)
Re: filename and pipes and *
... > passing the output to the sed command. ... It is not a matter of memory but of the buffer used to temporarily hold ... Would you want cat to behave by always reading in the entire file before ...
(comp.unix.shell)
Re: Pipes, cat buffer size
... suppose this is because cat writes in 64 kB blocks. ... buffer enough data for it. ... decouples how the reader and the writer interact. ... I believe patching cat to bring its block size into the century of the ...
(freebsd-hackers)
Re: strace on cat /proc/my_file gives results by calling read twice why?
... > return that many) and a second time, when it tries to read more ... > reasons, reaching EOF only being one of them. ... > 'cat' or into a function it uses to read from the file. ... > use some buffer for reading, so 4096 is probably a choice someone ...
(comp.os.linux.development.system)