Information disclosure?

[Jesper Wallin]

Hello,

For some reason, I thought little about the "clear" command today.. 
Let's say a privileged user (root) logs on, edit a sensitive file (e.g, 
a file containing a password, running vipw, etc) .. then runs clear and 
logout. Then anyone can press the scroll-lock command, scroll back up 
and read the sensitive information.. Isn't "clear" ment to clear the 
backbuffer instead of printing a full screen of returns? If it does, I'm 
not sure how that would effect a user running "clear" on a pty (telnet, 
sshd, screen, etc) ..


Best regards,
Jesper Wallin