Why do I see someone else's bash history when I run screen?

February 13, 2014 2.3k

New customer here. Started an Ubuntu 12.04 droplet, and so far everything's been running smoothly. However, I just ran `screen` and started scrolling through my bash history. To my dismay, I see curl -L https://{tld ommitted for privacy}.me/cleanimage.sh | bash. This is clearly the bash history of another customer using this machine. This is quite disturbing. I value security, and if this is the kind of data that accessible in these environments (are they containers?) then I won't be able to continue using this service. Can someone please explain this, and fix the issue? Thanks

4 Answers

Johnneylee.Rollins February 13, 2014

https://news.ycombinator.com/item?id=6983097

kamaln7 MOD February 13, 2014

Hello a3sauber,

There's no need to worry, no one is accessing or running anything on your droplet. That script is used to clean up traces such as login IPs from droplets before creating the images for public use. In other words, it was run once on another droplet that was used to prepare the image your droplet is based on.

That URL, which is hosted on an employee's droplet, is no longer valid, it redirects to a digitalocean.com internal machine now, see https://p.kk7.me/sinabutodu.avrasm.

Let me know if you have any other questions.

@Johnneylee.Rollins: How is that related to this?

a3sauber February 14, 2014

Thanks Kamal, that makes sense. These images would have to be a snapshot after some kind of setup process. I see that that's a Digital Ocean script.

Well, it doesn't clean screen's bash history ; )

Johnneylee.Rollins February 14, 2014

@Kamal, I wasn't aware that DO doesn't provide a clean droplet from the start and assumed anything leftover was a part of that issue.

Have another answer? Share your knowledge.

Share

Share your Question

Why do I see someone else's bash history when I run screen?

Leave a Comment

Almost there!

Report a Bug