更新时间:2022-08-12 19:15:04
1) 应用场景
系统如果被黑客攻入,他就可以查看一下histroy就能知道了系统的一些敏感信息,像登录的密码之类的:比如有马虎的维护工程师,直接输入了数据库的密码:
1
2
3
4
5
6
|
[root@mysql-master ~] # history
16 history 17 clear
18 mysql -u root -p 'redhat12345' -S /data/3306/mysql .sock
19 history
如上,我们可以发现数据库的密码为redhat12345 |
2)如何让系统不记录这些敏感信息了?
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
|
[root@mysql-master ~] # export HISTCONTROL=ignorespace
[root@mysql-master ~] # history
16 history 17 clear
18 mysql -u root -p 'redhat12345' -S /data/3306/mysql .sock
19 history 20 export HISTCONTROL=ignorespace
21 history 22 clear
23 history [root@mysql-master ~] # who am i
root pts /0 2016-10-14 21:13 (10.10.10.1)
[root@mysql-master ~] # mysql -u root -predhat12345 -S /data/3306/mysql.sock -e "show databases;"
+--------------------+ | Database | +--------------------+ | information_schema | | blog | | dawnpro | | eip | | ems | | hangzhou_dawnpro | | james | | kitty | | mysql | | opark | | performance_schema | | test123 | | wanlong | | www | +--------------------+ [root@mysql-master ~] # w
03:19:43 up 1 day, 21:26, 2 users , load average: 1.00, 1.00, 1.00
USER TTY FROM LOGIN@ IDLE JCPU PCPU WHAT root pts /0 10.10.10.1 21:13 0.00s 0.76s 0.01s w
root pts /1 10.10.10.1 03:03 14:32 0.19s 0.19s - bash
[root@mysql-master ~] # history
16 history 17 clear
18 mysql -u root -p 'redhat12345' -S /data/3306/mysql .sock
19 history 20 export HISTCONTROL=ignorespace
21 history 22 clear
23 history 24 who am i
25 w
26 history 如上可知,“空格+命令”,可以不让histroy记录这些敏感信息 |
3)其它方法
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
|
输入重要命令前,先输入 export HISTIGNORE=*,然后输入重要命令,输入完成后,再通过" export HISTIGNORE=”恢复记录
[root@mysql-master ~] # history -c
[root@mysql-master ~] # export HISTIGNORE=*
[root@mysql-master ~] # mysql -uroot -predhat12345 -S /data/3306/mysql.sock
Welcome to the MySQL monitor. Commands end with ; or \g. Your MySQL connection id is 65
Server version: 5.5.32-log Source distribution Copyright (c) 2000, 2013, Oracle and /or its affiliates. All rights reserved.
Oracle is a registered trademark of Oracle Corporation and /or its
affiliates. Other names may be trademarks of their respective owners. Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
mysql> \q Bye [root@mysql-master ~] # export HISTIGNORE=
[root@mysql-master ~] # history
16 export HISTIGNORE=*
17 history
|