|
Full Disclosure
mailing list archives
Re: gnome-terminal, xfce4-terminal, terminator and others write scrollback buffer to disk
From: coderman <coderman () gmail com>
Date: Tue, 6 Mar 2012 17:12:04 -0800
On Tue, Mar 6, 2012 at 1:46 PM, Mark Krenz <mark () suso com> wrote:
Title: Gnome terminal, xfce4-terminal, terminator and other libVTE based
terminals write scrollback buffer data to /tmp filesystem
temp data in /tmp ? i'm shocked, SHOCKED!
*cough*
Worse case scenario:
Classified, secret or medical information that was accessed through a
terminal window was thought to be safe because it was on a remote server
and only accessed via SSH
people in this scenario have bigger concerns to worry about given
their lack of understanding re: operating systems and application
software.
Some may not consider this a bug and make the excuse that your
terminal's memory stack may end up in swap anyways, or that only root
would have access to the data or that you should encrypt /tmp.
correction: one must always use full-disk encryption. anything less is fail.
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
 By Date 
By Thread
Current thread:
|
