Get alerted when assets are down, slow, or vulnerable to SSL attacks—all free for a month. Learn more

Question

Why do I see someone else's bash history when I run screen?

  • Posted on February 13, 2014
  • a3sauberAsked by a3sauber

New customer here. Started an Ubuntu 12.04 droplet, and so far everything’s been running smoothly. However, I just ran screen and started scrolling through my bash history. To my dismay, I see curl -L https://{tld ommitted for privacy}.me/cleanimage.sh | bash. This is clearly the bash history of another customer using this machine.

This is quite disturbing. I value security, and if this is the kind of data that accessible in these environments (are they containers?) then I won’t be able to continue using this service.

Can someone please explain this, and fix the issue?

Thanks

Submit an answer

This textbox defaults to using Markdown to format your answer.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

Sign In or Sign Up to Answer

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Want to learn more? Join the DigitalOcean Community!

Join our DigitalOcean community of over a million developers for free! Get help and share knowledge in Q&A, subscribe to topics of interest, and get courses and tools that will help you grow as a developer and scale your project or business.

Johnneylee.RollinsFebruary 14, 2014

@Kamal, I wasn’t aware that DO doesn’t provide a clean droplet from the start and assumed anything leftover was a part of that issue.

a3sauberFebruary 14, 2014

Thanks Kamal, that makes sense. These images would have to be a snapshot after some kind of setup process. I see that that’s a Digital Ocean script. <br> <br>Well, it doesn’t clean screen’s bash history ; )

Kamal NasserFebruary 13, 2014

Hello a3sauber, <br> <br>There’s no need to worry, no one is accessing or running anything on your droplet. That script is used to clean up traces such as login IPs from droplets before creating the images for public use. In other words, it was run once on another droplet that was used to prepare the image your droplet is based on. <br> <br>That URL, which is hosted on an employee’s droplet, is no longer valid, it redirects to a digitalocean.com internal machine now: <br> <pre> ~: curl -I https://{url}/cleanimage.sh HTTP/1.1 302 Moved Temporarily Server: nginx Date: Thu, 13 Feb 2014 20:06:10 GMT Content-Type: text/html Content-Length: 154 Connection: keep-alive Location: https://assets.digitalocean.com/cleanimage.sh </pre> <br> <br>Let me know if you have any other questions. <br> <br>@Johnneylee.Rollins: How is that related to this?

Try DigitalOcean for free

Click below to sign up and get $100 of credit to try our products over 60 days!

Sign up