On 2014-12-03 12:54, Robert Moskowitz wrote:
On 12/03/2014 02:49 AM, Gordan Bobic wrote:
On 12/03/2014 04:06 AM, Robert Moskowitz wrote:
Well I finally realized why no history for user root.
/root/.bash_history is linked to /dev/null
What is the reason for this? Is it for security reasons?
Yes.
What is the security vulnerablity?
It is to mitigate the risk of potentially compromsing another
machine should the local machine become compromised. Consider
the case when you are connecting to a remote MySQL server:
mysql -h remotehost -uusername -ppassword
If you do that, the hostname, username and password will be
saved in ~/.bash_history, and if the local machine gets
compromised it can lead to the attacker also gaining access
to services on another machine.
Besides, you shouldn't be using the root account for anything,
you should add a regular user to the wheel group and use sudo
instead. On many distributions, the root account is disabled
by default these days.
Obvious, though I wonder how the system manages when you delete the
history, what does it do with the command to do that? Does it create
the history to store it at that time and the touch is not needed?
The touch is, indeed superfluous. Bash will create the history file
if it doesn't exist.
Is it better to do this from another user with sudo?
Yes, see above.
Gordan
_______________________________________________
users mailing list
[email protected]
http://lists.redsleeve.org/mailman/listinfo/users
