Why do I see someone else's bash history when I run screen?

February 13, 2014 3k views
a3sauber
By:
a3sauber
New customer here. Started an Ubuntu 12.04 droplet, and so far everything's been running smoothly. However, I just ran `screen` and started scrolling through my bash history. To my dismay, I see curl -L https://{tld ommitted for privacy}.me/cleanimage.sh | bash. This is clearly the bash history of another customer using this machine. This is quite disturbing. I value security, and if this is the kind of data that accessible in these environments (are they containers?) then I won't be able to continue using this service. Can someone please explain this, and fix the issue? Thanks
Log In to Comment
4 Answers
Johnneylee.Rollins February 13, 2014
https://news.ycombinator.com/item?id=6983097
Reply
kamaln7 MOD February 13, 2014
Hello a3sauber,

There's no need to worry, no one is accessing or running anything on your droplet. That script is used to clean up traces such as login IPs from droplets before creating the images for public use. In other words, it was run once on another droplet that was used to prepare the image your droplet is based on.

That URL, which is hosted on an employee's droplet, is no longer valid, it redirects to a digitalocean.com internal machine now: 
~: curl -I https://{url}/cleanimage.sh
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Thu, 13 Feb 2014 20:06:10 GMT
Content-Type: text/html
Content-Length: 154
Connection: keep-alive
Location: https://assets.digitalocean.com/cleanimage.sh


Let me know if you have any other questions.

@Johnneylee.Rollins: How is that related to this?
Reply
a3sauber February 14, 2014
Thanks Kamal, that makes sense. These images would have to be a snapshot after some kind of setup process. I see that that's a Digital Ocean script.

Well, it doesn't clean screen's bash history ; )
Reply
Johnneylee.Rollins February 14, 2014
@Kamal, I wasn't aware that DO doesn't provide a clean droplet from the start and assumed anything leftover was a part of that issue.
Reply
Have another answer? Share your knowledge.