Re: Security hole in console driver?
Damon Buckwalter (damon@meta-x.net)
Sat, 16 Jan 1999 18:45:31 -0800
"Mike A. Harris" wrote:
>
> I just closed down an X session on tty9 that was started from
> tty6. After X closed down, I switched back to tty9 and what I
> found was the output of some commands I typed 2 days ago on tty2.
>
> Even if I were logged out on all consoles on my machine, someone
> walking by could ALT-Fkey to tty9 and see private information.
>
> It might also be possible for them to gain more information
> through scrollback, etc...
>
> I don't know how much of a security concern this is, but I've
> seen stuff on tty9 after running X several times and had no idea
> what it was. Now I know that somehow, the contents of another
> tty are ending up on that tty.
>
> Suggestions/comments?
Just put 'clear' in a .bash_logout for all the users you're worried
about,
and switch to another vt after you've logged out. This effectively
kills the
scrollback buffer.
--
damon@meta-x.net -- PGP and GPG public keys at http://meta-x.net/keys/
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/