Accessing history in multiuser environment

[gitqlt]

By default, the .history files have strict access permissions (usually -rw-------) so that only the creator user has access to them.

With RESH, running rawinstall as a normal user starts a resh daemon owned by that user. Then the root user can also run rawinstall. After that, only a single resh daemon (owned by the normal user) will be running.

At this point, both are free to write and browse the RESH history, and even the normal user can see the root user's commands. The commands executed by the two users appear mixed up. Moreover, displaying the ~ (home directory) is ambiguous because the /root directory and the /home/<user> directory both appear as ~. When a third, ordinary user also starts RESH, that user will also view the command history of the first two.

RESH should keep the history private and not shuffle the search result.

[curusarn]

Hi @gitqlt,

Thank you for raising this!

I do agree that RESH shouldn't mix the history of all users together. You should be able to get separate histories by running RESH multiple times on the same machine.

And you should use different ports in RESH config for each user:

Port = 2627 # use different port for each user

Find where config is: https://github.com/curusarn/resh/blob/master/troubleshooting.md#configuration

You will need to install RESH for each user separately.

Let me know if this solves your issue. 🙏

[gitqlt]

Hi @curusarn, Certainly starting separate daemons with different ports is a solution to confusion. However, I think being able to connect to another user's daemon is a security issue. An unaware (or malicious) user starts RESH with the default setting and will read/[write] the other user's history.