Steps to reproduce: % vidcontrol -C Expected behaviour: Scrollback cleared (e.g. confirm with ScrLk / PgUp) Observed behaviour: % vidcontrol -C vidcontrol: clearing history buffer: Inappropriate ioctl for device
This bug is security relevant, because it may disclose the content of a session to somebody without an account but physical access to the machine. They can see parts of the last session simply by scrolling back in the terminal, even without the need to login.
A commit references this bug: Author: jah Date: Thu May 28 21:22:31 UTC 2020 New revision: 361601 URL: https://svnweb.freebsd.org/changeset/base/361601 Log: vt(4): Add support for `vidcontrol -C' Extract scrollback buffer initialization into a common routine, used both during vt(4) init and in handling the CONS_CLRHIST ioctl. PR: 224436 Reviewed by: emaste Differential Revision: https://reviews.freebsd.org/D24815 Changes: head/sys/dev/vt/vt.h head/sys/dev/vt/vt_buf.c head/sys/dev/vt/vt_core.c
A commit references this bug: Author: jah Date: Tue Jun 2 01:21:48 UTC 2020 New revision: 361719 URL: https://svnweb.freebsd.org/changeset/base/361719 Log: vt(4): reset scrollback and cursor position after clearing history buffer r361601 implemented basic support for cleaing the console history buffer. But after clearing the history buffer, it's not especially useful to be able to scroll back through that buffer, or for the cursor position to remain at (very likely) the bottom of the screen. PR: 224436 Reviewed by: emaste Differential Revision: https://reviews.freebsd.org/D25079 Changes: head/sys/dev/vt/vt_buf.c head/sys/dev/vt/vt_core.c head/sys/kern/subr_terminal.c