Re: Information disclosure?

• Previous message: Dean Strik: "Re: Information disclosure?"
• In reply to: Jesper Wallin: "Re: Information disclosure?"
• Next in thread: Dean Strik: "Re: Information disclosure?"
• Reply: Dean Strik: "Re: Information disclosure?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Fri, 22 Apr 2005 14:52:00 +0300
To: Jesper Wallin <jesper@www.hackunite.net>

On 2005-04-22 06:21, Jesper Wallin <jesper@www.hackunite.net> wrote:
>Pat Maddox wrote:
>>On 4/21/05, Jesper Wallin <jesper@hackunite.net> wrote:
>>>Hello,
>>>For some reason, I thought little about the "clear" command today..
>>>Let's say a privileged user (root) logs on, edit a sensitive file
>>>(e.g, a file containing a password, running vipw, etc) .. then runs
>>>clear and logout. Then anyone can press the scroll-lock command,
>>>scroll back up and read the sensitive information.. Isn't "clear"
>>>ment to clear the backbuffer instead of printing a full screen of
>>>returns? If it does, I'm not sure how that would effect a user
>>>running "clear" on a pty (telnet, sshd, screen, etc) ..
>>
>>No, it's not meant to clear the buffer. If you need to clear the
>>buffer, just cat a really, really long file.
>
> Heh, that sounds more like a ugly hack than a solution if you ask me.

Who has physical access to your consoles and why?

Putting "deliberate paranoia" aside for a while, you can always _force_
the syscons buffer to be cleared by toggling between a couple of
different video modes:

        # vidcontrol 80x30 ; vidcontrol 80x25 ; clear ; logout

_______________________________________________
freebsd-security@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"

• Previous message: Dean Strik: "Re: Information disclosure?"
• In reply to: Jesper Wallin: "Re: Information disclosure?"
• Next in thread: Dean Strik: "Re: Information disclosure?"
• Reply: Dean Strik: "Re: Information disclosure?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages Re: Information disclosure? ... that sounds more like a ugly hack than a solution if you ask me. ... Pat Maddox wrote: ... >buffer, just cat a really, really long file. ... (FreeBSD-Security) Re: filename and pipes and * ... > passing the output to the sed command. ... It is not a matter of memory but of the buffer used to temporarily hold ... Would you want cat to behave by always reading in the entire file before ... (comp.unix.shell) Re: strace on cat /proc/my_file gives results by calling read twice why? ... > return that many) and a second time, when it tries to read more ... > reasons, reaching EOF only being one of them. ... > 'cat' or into a function it uses to read from the file. ... > use some buffer for reading, so 4096 is probably a choice someone ... (comp.os.linux.development.system) Re: disk copy ... Read a buffer from the ... with cat it is always ... physical disks I think even 512 bytes is a large ... Kasper Dupont -- der bruger for meget tid paa usenet. ... (comp.os.linux.development.system) Re: strace on cat /proc/my_file gives results by calling read twice why? ... >> Okey do check the size of buf u will get from cat programme. ... >> so may be the size of default buffer of cat command more then what you ... > called twice. ... reasons, reaching EOF only being one of them. ... (comp.os.linux.development.system)