Bug 807369 - RFE: Clear screen including scroll-back buffer after locking session
Summary: RFE: Clear screen including scroll-back buffer after locking session
Keywords:
Status: CLOSED WONTFIX
Alias: None
Product: Red Hat Enterprise Linux 6
Classification: Red Hat
Component: vlock
Version: 6.2
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: rc
: ---
Assignee: Karel Zak
QA Contact: BaseOS QE - Apps
URL:
Whiteboard:
Depends On: 714684
Blocks: 836165
TreeView+ depends on / blocked
 
Reported: 2012-03-27 15:40 UTC by Petr Pisar
Modified: 2016-04-06 10:05 UTC (History)
0 users

Fixed In Version:
Doc Type: Enhancement
Doc Text:
Clone Of:
Environment:
Last Closed: 2016-04-06 10:05:17 UTC


Attachments (Terms of Use)
Implement console erase (3.11 KB, patch)
2012-03-27 15:40 UTC, Petr Pisar
no flags Details | Diff

Description Petr Pisar 2012-03-27 15:40:33 UTC
Created attachment 573106 [details]
Implement console erase

There was a discussion (bug #681600) how to disable access to text printed before locking session while session is locked to prevent from leaking sensitive data.

Attached patch implements optional console erase by adding -e or --erase option to vlock command.

In addition, the scroll-back buffer is erased if underlying kernel supports it. The support exist in Linux since 3.0 and has been back-ported into RHEL-6 kernel too.

Making this feature default can be subject of further discussion.

Comment 2 RHEL Product and Program Management 2012-07-10 08:27:46 UTC
This request was not resolved in time for the current release.
Red Hat invites you to ask your support representative to
propose this request, if still desired, for consideration in
the next release of Red Hat Enterprise Linux.

Comment 3 Ludek Smid 2012-07-11 11:39:38 UTC
This request was erroneously removed from consideration in
Red Hat Enterprise Linux 6.4, which is currently under
development.  This request will be evaluated for inclusion
in Red Hat Enterprise Linux 6.4.

Comment 4 Petr Pisar 2012-07-30 11:19:10 UTC
I spotted a typo:

--- a/help.c
+++ b/help.c
@@ -26,6 +26,8 @@ void print_help(int exitcode) {
 	  "       switch to other virtual consoles.\n"
 	  "-a or --all: lock all virtual consoles by preventing other users\n"
 	  "       from switching virtual consoles.\n"
+	  "-e or --erase: erase current virtual console content\n"
+	  "       from switching virtual consoles.\n"
 	  "-v or --version: Print the version number of vlock and exit.\n"
 	  "-h or --help: Print this help message and exit.\n"
 	  );

The second line should not be added. Something like this:

--- a/help.c
+++ b/help.c
@@ -26,6 +26,7 @@ void print_help(int exitcode) {
 	  "       switch to other virtual consoles.\n"
 	  "-a or --all: lock all virtual consoles by preventing other users\n"
 	  "       from switching virtual consoles.\n"
+	  "-e or --erase: erase current virtual console content\n"
 	  "-v or --version: Print the version number of vlock and exit.\n"
 	  "-h or --help: Print this help message and exit.\n"
 	  );

Comment 5 Karel Zak 2012-11-14 11:12:43 UTC
Applied to f18 (=RHEL7) and f19. 

I have doubts we will see a special RHEL6.x errata for vlock. Maybe we can close this report.

Comment 6 RHEL Product and Program Management 2013-10-14 00:45:00 UTC
This request was evaluated by Red Hat Product Management for
inclusion in the current release of Red Hat Enterprise Linux.
Because the affected component is not scheduled to be updated
in the current release, Red Hat is unable to address this
request at this time.

Red Hat invites you to ask your support representative to
propose this request, if appropriate, in the next release of
Red Hat Enterprise Linux.


Note You need to log in before you can comment on or make changes to this bug.