Pretty much what the others said with the addition that if you can't trust root, you simply cannot trust *any* command on that machine, including gpg, since root can compromise them in many ways, too. Best bet is to download it every session and clear it -- but be warned that even any method used to clear it can have a trap that secretly backs it up, however unlikely.
Bottom line -- either trust root or don't use the machine. Those are your options if you feel paranoid enough that you don't want root always watching you. It's worth pointing out, by the way, that there are ways of watching your program executions without using your bash history, like auditd for example. In fact, I was able to write a script to parse auditd logs out to do just that in a really easy-to-read way -- "user (running as user2) ran /usr/bin/ssh with args: ssh user@host ..." On Feb 6, 2011 6:18 AM, "Emanuel dos Reis Rodrigues" < emanueldosr...@gmail.com> wrote:
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/