Security hole in console driver?

Mike A. Harris (mharris@ican.net)
Sat, 16 Jan 1999 16:30:58 -0500 (EST)

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Joseph Anthony: "Re: Netscape broken with 2.2.0-pre7"
Previous message: Brandon S. Allbery KF8NH: "Re: Netscape broken with 2.2.0-pre7"

I just closed down an X session on tty9 that was started from
tty6. After X closed down, I switched back to tty9 and what I
found was the output of some commands I typed 2 days ago on tty2.

Even if I were logged out on all consoles on my machine, someone
walking by could ALT-Fkey to tty9 and see private information.

It might also be possible for them to gain more information
through scrollback, etc...

I don't know how much of a security concern this is, but I've
seen stuff on tty9 after running X several times and had no idea
what it was. Now I know that somehow, the contents of another
tty are ending up on that tty.

Suggestions/comments?

-- Mike A. Harris - Computer Consultant - Linux advocate

Linux software galore: http://freshmeat.net

- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.rutgers.edu Please read the FAQ at http://www.tux.org/lkml/

Next message: Joseph Anthony: "Re: Netscape broken with 2.2.0-pre7"
Previous message: Brandon S. Allbery KF8NH: "Re: Netscape broken with 2.2.0-pre7"