Hello,
Recently while examining the Linux tty code I noticed that my
root password was still in read_buf some time after logging in,
long after it was "read".
I thought it might be a good idea to add a fix to clear out
characters after they're read. The patch seems to work all right.
This is for kernel 2.6.8.1 and the file is drivers/char/n_tty.c.
Enjoy,
Z Smith
Inline patch:
30a31,33
> *
> * 2004/09/20 by Z Smith ([email protected]): chars now truly erased upon
> * reading from read_buf for better security.
380a384
> tty->read_buf[head] = 0;
420a425
> tty->read_buf[tail] = 0;
1108a1114
> tty->read_buf[tty->read_tail] = 0;
-end-