> He deleted his bash history— the commands he had typed into his own Goldman computer keyboard. To access the computer, he was required to type his password . If he didn’t delete his bash history, his password would be there to see, for anyone who had access to the system.
This comes up fairly often with poorly designed CLI's. Wiping your bash history after running the command isn't an unreasaonble hack.
Edit/Addendum: Although there are other (perhaps better) ways to achieve the same effect, the main point is that doing a "history -c" should be considered no more suspicious than e.g. closing a document to clear your "undo" history.
Much to my dismay this is not true. By default debian is configured to `ignoreboth` ie dupes and spaces. Like you I also change the debian default for HISTCONTROL. Lines 11-13 of /etc/skel/.bashrc:[^1]
# don't put duplicate lines or lines starting with space in the history.
# See bash(1) for more options
HISTCONTROL=ignoreboth
It's controlled by the HISTCONTROL variable in bash. If it contains 'ignorespace' (or 'ignoreboth' to ignore duplicates as well). Check the man page for more details.
Anyone know why this incredible hack was introduced in hr first place? In my entire career this "feature" had only caused annoyance after copy-pasting a command.
Why not have a shell command called 'nohist' to wrap a command line?
Exactly my feeling, this just doesn't make sense, if he was so paranoid about his password being stolen it's unreasonable to rely on something like "remember to remove the shell history on logout". Then he also uploads the code to some random SVN server...
Wait, what?