From owner-freebsd-security@FreeBSD.ORG  Fri Apr 22 03:06:24 2005
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id B74BF16A4CE
	for <freebsd-security@freebsd.org>;
	Fri, 22 Apr 2005 03:06:24 +0000 (GMT)
Received: from mxfep02.bredband.com (mxfep02.bredband.com [195.54.107.73])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 74C7A43D2F
	for <freebsd-security@freebsd.org>;
	Fri, 22 Apr 2005 03:06:23 +0000 (GMT)
	(envelope-from jesper@hackunite.net)
Received: from mail.hackunite.net ([213.112.198.142] [213.112.198.142])
          by mxfep02.bredband.com with ESMTP
          id <20050422030622.QSZV3591.mxfep02.bredband.com@mail.hackunite.net>
          for <freebsd-security@freebsd.org>;
          Fri, 22 Apr 2005 05:06:22 +0200
Received: from [213.112.198.205]
	(c-cdc670d5.022-45-6f72652.cust.bredbandsbolaget.se [213.112.198.205])
	(using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by mail.hackunite.net (Postfix) with ESMTP id 177ED60D7
	for <freebsd-security@freebsd.org>;
	Fri, 22 Apr 2005 05:06:23 +0200 (CEST)
Message-ID: <42686A29.7090900@hackunite.net>
Date: Fri, 22 Apr 2005 05:06:17 +0200
From: Jesper Wallin <jesper@hackunite.net>
User-Agent: Mozilla Thunderbird 1.0.2 (Windows/20050317)
X-Accept-Language: en-us, en
MIME-Version: 1.0
To: freebsd-security@freebsd.org
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
X-Virus-Scanned: by amavisd-new at mail.hackunite.net
Subject: Information disclosure?
X-BeenThere: freebsd-security@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
Reply-To: jesper@hackunite.net
List-Id: Security issues [members-only posting]
	<freebsd-security.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>,
	<mailto:freebsd-security-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-security>
List-Post: <mailto:freebsd-security@freebsd.org>
List-Help: <mailto:freebsd-security-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>,
	<mailto:freebsd-security-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 22 Apr 2005 03:06:24 -0000

Hello,

For some reason, I thought little about the "clear" command today.. 
Let's say a privileged user (root) logs on, edit a sensitive file (e.g, 
a file containing a password, running vipw, etc) .. then runs clear and 
logout. Then anyone can press the scroll-lock command, scroll back up 
and read the sensitive information.. Isn't "clear" ment to clear the 
backbuffer instead of printing a full screen of returns? If it does, I'm 
not sure how that would effect a user running "clear" on a pty (telnet, 
sshd, screen, etc) ..


Best regards,
Jesper Wallin