On 12/03/2014 01:33 PM, Gordan Bobic wrote:
On 2014-12-03 12:54, Robert Moskowitz wrote:
On 12/03/2014 02:49 AM, Gordan Bobic wrote:
On 12/03/2014 04:06 AM, Robert Moskowitz wrote:
Well I finally realized why no history for user root.
/root/.bash_history is linked to /dev/null
What is the reason for this? Is it for security reasons?
Yes.
What is the security vulnerablity?
It is to mitigate the risk of potentially compromsing another
machine should the local machine become compromised. Consider
the case when you are connecting to a remote MySQL server:
mysql -h remotehost -uusername -ppassword
If you do that, the hostname, username and password will be
saved in ~/.bash_history, and if the local machine gets
compromised it can lead to the attacker also gaining access
to services on another machine.
thanks for this, Gordon. Kind of obvious once it is stuck in your face.
Besides, you shouldn't be using the root account for anything,
you should add a regular user to the wheel group and use sudo
instead. On many distributions, the root account is disabled
by default these days.
Kind of a mixed bag on my part. Though it would seem that the user you
use to do that remote access will have the same message in its
.bash_history. If you only have one login user on a server, the
attacker would find its bash history.
_______________________________________________
users mailing list
[email protected]
http://lists.redsleeve.org/mailman/listinfo/users
