And from bash man page: --noprofile Do not read either the …

Tuesday, 19th March 2024

Comment on How to make sure your Linux system users won’t hide or delete their .bash_history / Securing .bash_history file – Protect Linux system users shell history by Rob Fortune.

And from bash man page:

--noprofile
Do not read either the system-wide startup file /etc/profile or any of the personal initialization files ~/.bash_profile, ~/.bash_login, or ~/.profile. By default, bash reads these files when it is invoked as a login shell (see INVOCATION below).

So I gave it a little try and voilà, a login shell without downloading my own where I can unset HISTFILE 🙂

Rob Fortune Also Commented

How to make sure your Linux system users won’t hide or delete their .bash_history / Securing .bash_history file – Protect Linux system users shell history
Do you have python or perl installed? A quick REPL loop that executes system calls and you have a very lame bash with no history 🙂


How to make sure your Linux system users won’t hide or delete their .bash_history / Securing .bash_history file – Protect Linux system users shell history
You could of course patch bash to not have these options, but you were correct in saying “it won’t a 100% guarantee that a good cracker won’t be able to come up with a way to get around the imposed .bash_history security measures.”

I’m far from a good cracker 🙂 I bet there are other ways around it too.


How to make sure your Linux system users won’t hide or delete their .bash_history / Securing .bash_history file – Protect Linux system users shell history
rob@bob:~/tmp/foo> exec env -i bash --noprofile --norc
bash-4.1$ unset HISTFILE
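
Added example, not part of the original comments or the blog post: because the HISTFILE protections live in startup files that `--noprofile`, `--norc` and `env -i` skip, a defender can record the invocation itself instead. The sketch below scans auditd EXECVE records for bash started that way; it assumes auditd is already logging execve calls, and the log lines are constructed sample data.

```python
import os
import re

# Constructed auditd EXECVE records (sample data, not taken from the page).
SAMPLE_LOG = '''\
type=EXECVE msg=audit(1710856800.101:501): argc=1 a0="bash"
type=EXECVE msg=audit(1710856805.220:502): argc=5 a0="env" a1="-i" a2="bash" a3="--noprofile" a4="--norc"
type=EXECVE msg=audit(1710856811.007:503): argc=2 a0="ls" a1="-la"
type=EXECVE msg=audit(1710856820.450:504): argc=4 a0="/bin/bash" a1="--norc" a2="-c" a3=6563686F206869
'''

EVENT_RE = re.compile(r'audit\([\d.]+:(\d+)\)')
ARG_RE = re.compile(r'\ba(\d+)=("([^"]*)"|[0-9A-F]+)')
SKIP_FLAGS = {"--noprofile", "--norc"}      # the bash options quoted in the comments
ENV_CLEAR = {"-i", "--ignore-environment"}  # env options that drop the inherited environment

def parse_execve(line):
    """Return (event_id, argv) for an EXECVE record, or None for any other line."""
    event = EVENT_RE.search(line)
    if not line.startswith("type=EXECVE") or not event:
        return None
    args = {}
    for idx, raw, quoted in ARG_RE.findall(line):
        # auditd hex-encodes arguments that contain spaces or control characters
        is_quoted = raw.startswith('"')
        args[int(idx)] = quoted if is_quoted else bytes.fromhex(raw).decode("utf-8", "replace")
    return int(event.group(1)), [args[i] for i in sorted(args)]

def findings(argv):
    """Reasons this exec starts bash without the profile-based history settings."""
    names = [os.path.basename(a) for a in argv]
    if names[:1] == ["bash"]:
        shell_at = 0
    elif names[:1] == ["env"] and "bash" in names:
        shell_at = names.index("bash")
    else:
        return []
    reasons = sorted(SKIP_FLAGS.intersection(argv[shell_at + 1:]))
    if ENV_CLEAR.intersection(argv[1:shell_at]):  # empty slice when bash is argv[0]
        reasons.append("env -i")
    return reasons

def scan(log_text):
    """Map audit event id -> reasons, for flagged EXECVE records only."""
    parsed = filter(None, map(parse_execve, log_text.splitlines()))
    return {eid: findings(argv) for eid, argv in parsed if findings(argv)}

if __name__ == "__main__":
    print(scan(SAMPLE_LOG))
```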

