Date: Thu, 24 May 2001 17:10:02 -0700 (PDT)
From: Dima Dorfman <dima@unixfreak.org>
To: freebsd-bugs@FreeBSD.org
Subject: Re: kern/27616: Syscons history permits peeking in the previous session output
Message-ID: <200105250010.f4P0A2H05202@freefall.freebsd.org>
The following reply was made to PR kern/27616; it has been noted by GNATS.
From: Dima Dorfman <dima@unixfreak.org>
To: yar@freebsd.org
Cc: freebsd-gnats-submit@FreeBSD.org
Subject: Re: kern/27616: Syscons history permits peeking in the previous session output
Date: Thu, 24 May 2001 17:02:12 -0700
Dima Dorfman <dima@unixfreak.org> writes:
> The following reply was made to PR kern/27616; it has been noted by GNATS.
>
> From: Dima Dorfman <dima@unixfreak.org>
> To: Yar Tikhiy <yar@freebsd.org>
> Cc: freebsd-gnats-submit@FreeBSD.org
> Subject: Re: kern/27616: Syscons history permits peeking in the previous session output
> Date: Thu, 24 May 2001 16:54:13 -0700
>
> Yar Tikhiy <yar@freebsd.org> writes:
> > On Thu, May 24, 2001 at 03:33:59PM +0100, David Malone wrote:
> > > > >How-To-Repeat:
> > > >
> > > > Log off a FreeBSD vty, hit ScrollLock, scroll to the
> > > > terminated session contents using Up or PageUp and see your
> > > > decrypted love-letters, private talks etc.
> > >
> > > Couldn't you set the size of the scroll-back buffer to zero if this
> > > upsets you or your users? (kbdcontrol -h 1 will effectively do this).
> >
> > First, one wouldn't like to lose the history buffer at all.
> > Second, it's neither me nor my users who is upset by the issue.
> > It's a general security problem, though.
> >
> > > A lot of terminal emulators would have this problem.
> >
> > A lot of operating systems are buggy crap. FreeBSD is not ;-)
> >
> > > (Losing the scroll back buffer on logout would be likely to upset
> > > some people 'cos it means that console log messages would be erased.)
> >
> > Let it be a per-vty configurable option.
>
> How about adding an option to kbdcontrol(1) to clear the buffer? If
> the user knows they've been reading love letters, they can clear it
> manually. Or if they're always reading love letters, they can stick
> `kbdcontrol -c' in .logout and forget about it. This has the
> fortunate side effects of giving the user an option of *when* to clear
> it and *if* to clear it.
>
> Trivial patch attached.
>
> Thoughts?
Okay, I goofed. I hit 'send' instead of 'sign' :-/. Here's the patch
as mentioned above.
Dima Dorfman
dima@unixfreak.org
Index: sys/sys/consio.h
===================================================================
RCS file: /stl/src/FreeBSD/src/sys/sys/consio.h,v
retrieving revision 1.8
diff -u -r1.8 consio.h
--- sys/sys/consio.h 2001/05/18 09:01:53 1.8
+++ sys/sys/consio.h 2001/05/24 23:50:42
@@ -116,6 +116,9 @@
/* set the history (scroll back) buffer size (in lines) */
#define CONS_HISTORY _IOW('c', 9, int)
+/* clear the history (scroll back) buffer */
+#define CONS_CLRHIST _IO('c', 10)
+
/* mouse cursor ioctl */
struct mouse_data {
int x;
Index: sys/dev/syscons/schistory.c
===================================================================
RCS file: /stl/src/FreeBSD/src/sys/dev/syscons/schistory.c,v
retrieving revision 1.11
diff -u -r1.11 schistory.c
--- sys/dev/syscons/schistory.c 2000/10/08 21:33:54 1.11
+++ sys/dev/syscons/schistory.c 2001/05/24 23:50:42
@@ -299,6 +299,12 @@
DPRINTF(5, ("error:%d, rows:%d, pool:%d\n", error,
sc_vtb_rows(scp->history), extra_history_size));
return error;
+
+ case CONS_CLRHIST:
+ scp = SC_STAT(tp->t_dev);
+ sc_vtb_clear(scp->history, scp->sc->scr_map[0x20],
+ SC_NORM_ATTR << 8);
+ return 0;
}
return ENOIOCTL;
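Review bot: the new CONS_CLRHIST case hands scp->history straight to sc_vtb_clear() without checking that a history buffer is allocated for this vty; if scp->history can be NULL at this point, bail out before the call. The call also touches only scp->history, so whatever is still on the visible screen is not wiped by this ioctl. Since the PR is about session output being left behind after logout, a one-line comment stating that scope would keep callers from assuming more than the ioctl does.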
Index: usr.sbin/kbdcontrol/kbdcontrol.1
===================================================================
RCS file: /stl/src/FreeBSD/src/usr.sbin/kbdcontrol/kbdcontrol.1,v
retrieving revision 1.28
diff -u -r1.28 kbdcontrol.1
--- usr.sbin/kbdcontrol/kbdcontrol.1 2001/05/16 09:40:12 1.28
+++ usr.sbin/kbdcontrol/kbdcontrol.1 2001/05/24 23:50:42
@@ -13,7 +13,7 @@
.\" @(#)kbdcontrol.1
.\" $FreeBSD: src/usr.sbin/kbdcontrol/kbdcontrol.1,v 1.28 2001/05/16 09:40:12 ru Exp $
.\"
-.Dd June 30, 1999
+.Dd May 24, 2001
.Dt KBDCONTROL 1
.Os FreeBSD
.Sh NAME
@@ -21,7 +21,7 @@
.Nd a utility for manipulating the syscons console driver
.Sh SYNOPSIS
.Nm
-.Op Fl dFKix
+.Op Fl cdFKix
.Oo
.Fl b
.Ar duration . Ns Ar pitch | Ar belltype
@@ -97,6 +97,8 @@
.Ar keymap_file .
You may load the keyboard map file from a menu-driven command,
.Xr kbdmap 1 .
+.It Fl c
+Clear the history buffer.
.It Fl d
Dump the current keyboard map onto stdout.
The output may be redirected to a file and can be loaded
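Review bot: "Clear the history buffer." under .It Fl c does not say which buffer is affected or on which terminal. Suggest using the wording from the consio.h comment, "history (scroll back) buffer", and stating that the option acts on the virtual terminal attached to standard input, since clear_history() issues the ioctl on descriptor 0. A sentence on the .logout use that motivated the option would also help readers looking for a fix to the problem in the PR.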
Index: usr.sbin/kbdcontrol/kbdcontrol.c
===================================================================
RCS file: /stl/src/FreeBSD/src/usr.sbin/kbdcontrol/kbdcontrol.c,v
retrieving revision 1.36
diff -u -r1.36 kbdcontrol.c
--- usr.sbin/kbdcontrol/kbdcontrol.c 2001/05/15 22:53:05 1.36
+++ usr.sbin/kbdcontrol/kbdcontrol.c 2001/05/24 23:50:42
@@ -980,6 +980,14 @@
warn("setting history buffer size");
}
+void
+clear_history()
+{
+
+ if (ioctl(0, CONS_CLRHIST) == -1)
+ warn("clear history buffer");
+}
+
static char
*get_kbd_type_name(int type)
{
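Review bot: in clear_history(), a failed ioctl(0, CONS_CLRHIST) only produces a warn(), so when the command runs from .logout with standard input not attached to a syscons vty the scroll-back is left intact and the only sign is a message the departing user may never see. If that is the intended behaviour, say so in the manual page. Two smaller points: the message "clear history buffer" reads differently from the neighbouring "setting history buffer size" (suggest "clearing history buffer"), and the function could be declared as static void clear_history(void), since it is only called from main() in this file.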
@@ -1079,7 +1087,7 @@
usage()
{
fprintf(stderr, "%s\n%s\n%s\n",
-"usage: kbdcontrol [-dFKix] [-b duration.pitch | [quiet.]belltype]",
+"usage: kbdcontrol [-cdFKix] [-b duration.pitch | [quiet.]belltype]",
" [-r delay.repeat | speed] [-l mapfile] [-f # string]",
" [-h size] [-k device] [-L mapfile]");
exit(1);
@@ -1091,10 +1099,13 @@
{
int opt;
- while((opt = getopt(argc, argv, "b:df:h:iKk:Fl:L:r:x")) != -1)
+ while((opt = getopt(argc, argv, "b:cdf:h:iKk:Fl:L:r:x")) != -1)
switch(opt) {
case 'b':
set_bell_values(optarg);
+ break;
+ case 'c':
+ clear_history();
break;
case 'd':
print_keymap();
