From owner-freebsd-bugs  Thu May 24  8: 0: 6 2001
Delivered-To: freebsd-bugs@hub.freebsd.org
Received: from freefall.freebsd.org (freefall.freebsd.org [216.136.204.21])
	by hub.freebsd.org (Postfix) with ESMTP id CCC6237B422
	for <freebsd-bugs@hub.freebsd.org>; Thu, 24 May 2001 08:00:03 -0700 (PDT)
	(envelope-from gnats@FreeBSD.org)
Received: (from gnats@localhost)
	by freefall.freebsd.org (8.11.1/8.11.1) id f4OF03Z09078;
	Thu, 24 May 2001 08:00:03 -0700 (PDT)
	(envelope-from gnats)
Date: Thu, 24 May 2001 08:00:03 -0700 (PDT)
Message-Id: <200105241500.f4OF03Z09078@freefall.freebsd.org>
To: freebsd-bugs@FreeBSD.org
Cc: 
From: Yar Tikhiy <yar@freebsd.org>
Subject: Re: kern/27616: Syscons history permits peeking in the previous session output
Reply-To: Yar Tikhiy <yar@freebsd.org>
Sender: owner-freebsd-bugs@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-bugs.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo?subject=subscribe%20freebsd-bugs>
List-Unsubscribe: <mailto:majordomo?subject=unsubscribe%20freebsd-bugs>
X-Loop: FreeBSD.org

The following reply was made to PR kern/27616; it has been noted by GNATS.

From: Yar Tikhiy <yar@freebsd.org>
To: David Malone <dwmalone@maths.tcd.ie>
Cc: FreeBSD-gnats-submit@freebsd.org
Subject: Re: kern/27616: Syscons history permits peeking in the previous session output
Date: Thu, 24 May 2001 18:54:50 +0400

 On Thu, May 24, 2001 at 03:33:59PM +0100, David Malone wrote:
 > > >How-To-Repeat:
 > > 	
 > > 	Log off a FreeBSD vty, hit ScrollLock, scroll to the
 > > 	terminated session contents using Up or PageUp and see your
 > > 	decrypted love-letters, private talks etc.
 > 
 > Couldn't you set the size of the scroll-back buffer to zero if this
 > upsets you or your users? (kbdcontrol -h 1 will effectively do this).
 
 First, one wouldn't like to lose the history buffer at all.
 Second, it's neither me nor my users who is upset by the issue.
 It's a general security problem, though.
 
 > Alot of terminal emulators would have this problem.
  
 A lot of operating systems are buggy crap. FreeBSD is not ;-)
 
 > (Loosing the scroll back buffer on logout would be likely to upset
 > some people 'cos it means that console log messages would be erased.)
 
 Let it be a per-vty configurable option.
 
 -- 
 Yar

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-bugs" in the body of the message