Quoting "Stephane Chazelas" <stephane.chaze...@gmail.com>:
I don't know if you can make a non-interactive bash write to the
$HISTFILE, but bash, even when non-interactive, even when called
as sh, with SHELLOPTS=history will *read* the HISTFILE.
Thanks for clearing that up for me. Makes sense.
Quoting "Chet Ramey" <chet.ra...@case.edu>:
I understand what you're saying.
As much as we would like, there's no way of stopping all attack vectors by
only hardening bash, not only that, but also taking away its useful
features.
Though I still believe PS4 shouldn't be imported from the environment.
Maybe if running with uid 0.
That's something to think about.
You just need to enable history (set -o history). History is independent
of whether or not the shell is interactive; it's just enabled by default
in interactive shells.
Doing a "set -o history" didn't work for me, only when I added a
"history -a", e.g.:
$ cat test.sh
#!/bin/bash
set -o history
HISTFILE="/tmp/history"
HISTSIZE="1000"
printf 'something\n'
$ ./test.sh
something
$ ls /tmp/history
ls: cannot access /tmp/history: No such file or directory
$ echo history -a >> test.sh
$ ./test.sh
something
$ ls /tmp/history
/tmp/history
$ cat !$
HISTFILE="/tmp/history"
HISTSIZE="1000"
printf 'something\n'
history -a
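An added example, not part of the thread and not code from bash or its maintainers: a POSIX sh check that flags the inherited variables discussed above (SHELLOPTS with history, HISTFILE, PS4) before a script is handed to bash, plus a wrapper that drops them. The function names `audit_shell_env` and `run_scrubbed` and the finding messages are hypothetical, and `env -u` is assumed to be available.

```shell
#!/bin/sh
# Added example; variable names come from the thread, messages are constructed.

# audit_shell_env: read NAME=VALUE lines (the format `env` prints) on stdin,
# print one finding per inherited variable that changes how a non-interactive
# bash behaves, and return 1 if anything was flagged.
# Assumption: values contain no embedded newlines.
audit_shell_env() {
    rc=0
    while IFS= read -r line || [ -n "$line" ]; do
        case $line in *=*) ;; *) continue ;; esac
        name=${line%%=*}
        value=${line#*=}
        case $name in
            SHELLOPTS)
                # SHELLOPTS is a colon-separated list of option names.
                case ":$value:" in
                    *:history:*)
                        printf '%s\n' "SHELLOPTS: history enabled, HISTFILE will be read"
                        rc=1 ;;
                esac ;;
            HISTFILE)
                printf '%s\n' "HISTFILE: inherited history path $value"
                rc=1 ;;
            PS4)
                printf '%s\n' "PS4: trace prompt inherited from the environment"
                rc=1 ;;
        esac
    done
    return "$rc"
}

# run_scrubbed: run a command with those variables removed from its environment.
# Assumption: env supports -u (GNU coreutils, BSD and BusyBox do).
run_scrubbed() {
    env -u SHELLOPTS -u HISTFILE -u PS4 "$@"
}
```

Typical use is `env | audit_shell_env` in a wrapper or CI step, followed by `run_scrubbed ./test.sh` when the caller's environment is not trusted.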