On Fri, 22 Apr 2005, Jesper Wallin wrote:
Hello,
For some reason, I thought little about the "clear" command today.. Let's say a privileged user (root) logs on, edit a sensitive file (e.g, a file containing a password, running vipw, etc) .. then runs clear and logout. Then anyone can press the scroll-lock command, scroll back up and read the sensitive information.. Isn't "clear" ment to clear the backbuffer instead of printing a full screen of returns? If it does, I'm not sure how that would effect a user running "clear" on a pty (telnet, sshd, screen, etc) ..
Best regards, Jesper Wallin
I've often wondered the same thing when connected in via a ssh session. If there was a way to implement this functionality without uglifying the code too much, I don't see why anyone would object to it.
But I don't think you're going to get someone else to code it for you. :)
Mike "Silby" Silbersack _______________________________________________ [email protected] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "[EMAIL PROTECTED]"
