Full Disclosure mailing list archives

Re: gnome-terminal, xfce4-terminal, terminator and others write scrollback buffer to disk


From: coderman <coderman () gmail com>
Date: Tue, 6 Mar 2012 17:12:04 -0800

On Tue, Mar 6, 2012 at 1:46 PM, Mark Krenz <mark () suso com> wrote:
> Title: Gnome terminal, xfce4-terminal, terminator and other libVTE based
>       terminals write scrollback buffer data to /tmp filesystem

temp data in /tmp ? i'm shocked, SHOCKED!

*cough*


> Worst case scenario:
>  Classified, secret or medical information that was accessed through a
>  terminal window was thought to be safe because it was on a remote server
>  and only accessed via SSH

people in this scenario have bigger concerns to worry about given
their lack of understanding re: operating systems and application
software.



>  Some may not consider this a bug and make the excuse that your
>  terminal's memory stack may end up in swap anyways, or that only root
>  would have access to the data or that you should encrypt /tmp.

correction: one must always use full-disk encryption. anything less is fail.
