Security issue in Terminal

Guido Berhoerster gber at opensuse.org
Thu Mar 8 17:41:22 CET 2012


* Kevin Chadwick <ma1l1ists at yahoo.co.uk> [2012-03-08 16:17]:
> > I'm not sure I understand what you're trying to say here. The
> > original report basically complains that terminal involving
> > sensitive data can end up on disk, it is not about information
> > disclosure through world readable files.
> > So even if you use xterm, the xterm scrollback memory may be
> > swapped out and end up on disk as well. Encrypting swap may
> > mitigate this particular issue but even then there are many
> > different ways in which accessed data may end up somewhere on disk.
> > The only viable solution to prevent sensitive data from being
> > stored in clear on disk is to use full disk encryption. And even
> > then your system might still be susceptible to cold boot attacks,
> > turning off the power and pulling the plug won't protect you from
> > that either.
> 
> OK, I may have skipped some words, and you should encrypt swap or
> disable it, though most won't know how or the caveats such as hibernate
> or keys being around. Using xterm, disabling swap and pulling the plug
> would be more secure, less problematic and easier than encrypting swap
> for most. I do encrypt swap though, for programs that don't deal with
> passwords properly, etc.
> 
> Encrypting the whole disk does next to nothing for security except when
> you switch it off and leave the room. Granted there are things like

But that's the kind of security the original reporter is talking
about.

> regarding world readable. You may grep something or cat something from a
> file of mode 600, it is apparently written to /tmp by terminal. An
> attacker running as _nobody could then create an empty file as that
> user and read the data making that data world readable. I believe

I don't get that part: provided that the temporary files are
created in a secure manner, an unprivileged user cannot access
them and also does not have access to the raw disk device.
-- 
Guido Berhoerster
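The "created in a secure manner" point above, shown as an added example that is not from this thread or from Terminal's code: a spool file is created with mkstemp (random name, O_CREAT|O_EXCL, mode 0600), its mode and ownership are verified on the open descriptor, and a fixed, predictable path is shown to be refused by O_EXCL when a file already sits there. Function names, the "scrollback" prefix and the fixed test path are assumptions for illustration.

```c
#define _DEFAULT_SOURCE
#define _XOPEN_SOURCE 700
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* Create a private spool file in dir: mkstemp picks an unpredictable
 * name and opens it with O_CREAT|O_EXCL and mode 0600, so a file placed
 * in advance by another user at a guessable path is never opened.
 * Returns the descriptor (or -1) and writes the created path to path_out. */
int create_private_spool(const char *dir, char *path_out, size_t path_len) {
    int n = snprintf(path_out, path_len, "%s/scrollback.XXXXXX", dir);
    if (n < 0 || (size_t)n >= path_len) return -1;
    int fd = mkstemp(path_out);
    if (fd < 0) return -1;
    /* mkstemp already uses 0600; enforce it explicitly anyway. */
    if (fchmod(fd, S_IRUSR | S_IWUSR) < 0) {
        close(fd); unlink(path_out); return -1;
    }
    return fd;
}

/* Check on the open descriptor (not the path, to avoid a race) that the
 * file is a regular file owned by us with no group/other permission bits
 * and no extra hard links. Returns 1 if private, 0 otherwise. */
int spool_is_private(int fd) {
    struct stat st;
    if (fstat(fd, &st) < 0) return 0;
    return S_ISREG(st.st_mode) && st.st_uid == geteuid()
        && (st.st_mode & (S_IRWXG | S_IRWXO)) == 0 && st.st_nlink == 1;
}

/* Why a fixed path is unsafe and how O_EXCL protects against it: we stand in
 * for the pre-placed file ourselves (constructed here, not created by another
 * uid), then attempt the exclusive create. Returns the errno of the refused
 * open (EEXIST), 0 if it unexpectedly succeeded, -1 on setup failure. */
int exclusive_open_fails_on_existing(const char *fixed_path) {
    int pre = open(fixed_path, O_WRONLY | O_CREAT, 0644);
    if (pre < 0) return -1;
    close(pre);
    int fd = open(fixed_path, O_WRONLY | O_CREAT | O_EXCL, 0600);
    int err = (fd < 0) ? errno : 0;
    if (fd >= 0) close(fd);
    unlink(fixed_path);
    return err;
}
```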