Re: history issue - bug?

To: debian-user@lists.debian.org
Subject: Re: history issue - bug?
From: David Wright <deblis@lionunicorn.co.uk>
Date: Sun, 14 Jan 2018 13:22:05 -0600
Message-id: <[🔎] 20180114192205.GA10642@alum>
Reply-to: debian-user@lists.debian.org
In-reply-to: <[🔎] 378995600.uRCEA57q2v@protheus7>
References: <[🔎] 3311189.JlHkIjQTY9@protheus7> <[🔎] 20180114144121.GA7175@alum> <[🔎] 378995600.uRCEA57q2v@protheus7>

On Sun 14 Jan 2018 at 17:46:51 (+0100), Hans wrote:
> Am Sonntag, 14. Januar 2018, 08:41:21 CET schrieb David Wright:
> Hi David,
> 
> thanks for enlightening me. I always though, that "history -c" would clear all 
> the history and its files as the help file says:
> 
> -c        clear the history list by deleting all of the entries
> 
> So IMO this should delete all related history files, even bash_history. 

Sorry, but that wouldn't be how the English in that statement would
normally be understood.

> And as far as I remember, this did it do in former times. 

Not in bash 2.

> In my eyes this is a security hole, as someone, who gaines root somehow (what 
> already is bad eneough) might get more informations of commands, root did in 
> the past. 

If this concerns you, truncate ~/.bash_history and chmod a=r.

> As I said, history -c should delete ALL traces of history, just as the help 
> files tells, shouldn't it?

No. you lose functionality.

> As you confirmed, it does not and you also 
> confirmed, that this is normal behaviour. 

Yes, and it follows the documentation.

> In this case, I recommend this as a failure-by-design.

> Again, thanks for your clearence, I will file a bug report.

I would prefer you didn't.

> > On Sun 14 Jan 2018 at 14:07:01 (+0100), Hans wrote:
> > > Hi folks,
> > > 
> > > try this:
> > > 
> > > 1. login as normal user
> > > 
> > > 2. become root with "su -"
> > 
> > … which reads ~/.bash_history into what I call the command recall buffer.
> > 
> > > 3. delete history with "history -c"
> > 
> > … which deletes all the entries in the recall buffer, those just read
> >   in and those commands typed since logging in.
> > 
> > > 4. Check history, history is gone
> > 
> > Presumably you mean you just tried to recall a command and failed.
> > Make that command "ls -l ~/.bash_history" and you'll see the file
> > is still there.
> > 
> > > 5. logout from root by "CTL + D" or "exit"
> > > 
> > > 6. relogin as root with "su -"
> > 
> > … which reads ~/.bash_history.
> > 
> > > 7. Check history, voila, it appears again.
> > 
> > … as expected.
> > 
> > > What is wrong?
> > 
> > Distinguish between history list and history file.
> > 
> > To eliminate your history, you need to remove/empty the file and
> > also clear the list just before you logout.

Cheers,
David.

Reply to:

References:
- history issue - bug?
  - From: Hans <hans.ullrich@loop.de>
- Re: history issue - bug?
  - From: David Wright <deblis@lionunicorn.co.uk>
- Re: history issue - bug?
  - From: Hans <hans.ullrich@loop.de>

Prev by Date: Re: apt uninstall apparmor
Next by Date: Re: apt uninstall apparmor
Previous by thread: Re: history issue - bug?
Next by thread: Re: history issue - bug?
Index(es):
- Date
- Thread