From owner-freebsd-security@FreeBSD.ORG  Fri Apr 22 12:37:23 2005
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id CACE716A4CE
	for <freebsd-security@freebsd.org>;
	Fri, 22 Apr 2005 12:37:23 +0000 (GMT)
Received: from mail24.sea5.speakeasy.net (mail24.sea5.speakeasy.net
	[69.17.117.26])	by mx1.FreeBSD.org (Postfix) with ESMTP id 7AC5743D31
	for <freebsd-security@freebsd.org>;
	Fri, 22 Apr 2005 12:37:23 +0000 (GMT)
	(envelope-from freebsd-security-local@be-well.ilk.org)
Received: (qmail 7029 invoked from network); 22 Apr 2005 12:37:21 -0000
Received: from dsl092-078-145.bos1.dsl.speakeasy.net (HELO be-well.ilk.org)
	([66.92.78.145])
	(envelope-sender <freebsd-security-local@be-well.ilk.org>)
	by mail24.sea5.speakeasy.net (qmail-ldap-1.03) with SMTP
	for <freebsd-security@freebsd.org>; 22 Apr 2005 12:37:21 -0000
Received: by be-well.ilk.org (Postfix, from userid 1147)
	id B7D2854; Fri, 22 Apr 2005 08:37:20 -0400 (EDT)
Sender: lowell@be-well.ilk.org
To: jesper@hackunite.net
References: <42686A29.7090900@hackunite.net>
From: Lowell Gilbert <freebsd-security-local@be-well.ilk.org>
Date: 22 Apr 2005 08:37:20 -0400
In-Reply-To: <42686A29.7090900@hackunite.net>
Message-ID: <441x93vvgf.fsf@be-well.ilk.org>
Lines: 16
User-Agent: Gnus/5.09 (Gnus v5.9.0) Emacs/21.3
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
cc: freebsd-security@freebsd.org
Subject: Re: Information disclosure?
X-BeenThere: freebsd-security@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: Security issues [members-only posting]
	<freebsd-security.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>,
	<mailto:freebsd-security-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-security>
List-Post: <mailto:freebsd-security@freebsd.org>
List-Help: <mailto:freebsd-security-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>,
	<mailto:freebsd-security-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 22 Apr 2005 12:37:23 -0000

Jesper Wallin <jesper@hackunite.net> writes:

> For some reason, I thought little about the "clear" command
> today.. Let's say a privileged user (root) logs on, edit a sensitive
> file (e.g, a file containing a password, running vipw, etc) .. then
> runs clear and logout. Then anyone can press the scroll-lock command,
> scroll back up and read the sensitive information.. Isn't "clear" ment
> to clear the backbuffer instead of printing a full screen of returns?

That might have made sense, but it's never been the case.  clear(1) is
meant and documented to execute the "clear_screen" termcap sequence.

If you want to clear the history buffer, just use vidcontrol(1).  It
has options to clear or change the size of the history buffer, and it
is already specific to syscons(4), so it doesn't need to be as general
as termcap(5).