1 |
On Sat, Aug 8, 2015 at 2:36 PM, Poison BL. <poisonbl@×××××.com> wrote: |
2 |
> |
3 |
> So it was prompted by a perceived security issue, but I would happily sit |
4 |
> down with any of the DPOs involved in that to hear just how that little |
5 |
> bandaid fixes any of the real security issues involved ;) |
6 |
> |
7 |
> -- |
8 |
> Joshua M. Murphy |
9 |
> |
10 |
> |
11 |
Actually, now I recall what the actual issue is/was that prompted it. While |
12 |
there's no reasonable security issue from the information left over by the |
13 |
startup script output, the change was (if I recall from reading about it |
14 |
back then) addressing the data left on screen after a user session, which |
15 |
very much would fall under the scope of the data protection officers |
16 |
mentioned above. When launched from init, as agetty is, there's no sensible |
17 |
way to track whether it's being launched the first time after boot, or |
18 |
relaunched after the end of a previous session, hence the terminal clear by |
19 |
default. |
20 |
|
21 |
-- |
22 |
Joshua M. Murphy |