[R] Remove entry with sensitive information from history

Henrik Bengtsson henrik.bengtsson at ucsf.edu
Wed May 27 12:13:13 CEST 2015 

To answer your question on filtering the command-line history: You can
use savehistory()/loadhistory() to rewrite the history, but like all
other solutions/suggestions, it's not guaranteed to work everywhere.
Example:

filterhistory <- function(filter) {
  stopifnot(is.function(filter))
  hf <- tempfile()
  on.exit(file.remove(hf))
  savehistory(hf)
  history <- readLines(hf)
  historyF <- filter(history)
  ## Always write the same number of history lines as
  ## read to make sure everything is overwritten,
  ## cf. 'R_HISTSIZE' in help('savehistory').
  ndropped <- length(history)-length(historyF)
  clear <- rep("'<command-line history erased>'", times=ndropped)
  historyF <- c(clear, historyF)

  writeLines(historyF, con=hf)
  loadhistory(hf)
}

update_password <- function(...) {
  filterhistory(filter=function(x) {
    str(x)
    start <- grep("update_password", x, fixed=TRUE)[1]
    x[seq_len(start-1L)]
  })
  ## ...
  cat("Hello world!\n")
}

This won't work if someone does:

foo <- update_password

and calls foo().  Then you need to use a more clever filter function,
e.g. one that drops the last call, which may be spread out on multiple
lines so not just the last line.

/Henrik

On Wed, May 27, 2015 at 2:06 AM, Prof Brian Ripley
<ripley at stats.ox.ac.uk> wrote:
> On 27/05/2015 09:17, Luca Cerone wrote:
>>
>> Hi David, thanks, but the function has to work from an R shell, I have
>> no graphical server in my remote machines.
>
>
> My suggestion was going to be to use readline() to read the passwords.
> Ideally one would use a custom reader from stdin which did not echo, but
> that is not possible without knowledge of the terminal/console in use (which
> is hard to do portably), nor in general.  One could do what some password
> readers (e.g. that on iOS) do, and after each character is entered backspace
> and overwrite by x or dot.
>
>
>>
>> On Wed, May 27, 2015 at 9:45 AM, David Winsemius <dwinsemius at comcast.net>
>> wrote:
>>>
>>>
>>> On May 27, 2015, at 12:29 AM, Luca Cerone wrote:
>>>
>>>> Hi everybody,
>>>>
>>>> in one of my packages I store encrypted password.
>>>>
>>>> If the user has to change the password in use she can run:
>>>>
>>>> update_password(old_password, new_password)
>>>>
>>>> The problem is that the commands ends up in the .Rhistory file.
>>>>
>>>> Is there any way I can avoid this? Any suggestion about it?
>>>>
>>>
>>> Write a small password verification program in Rcpp or tcl and then call
>>> it to handle the dialog. In the past Greg Snow has suggested: "The tkexamp
>>> function in the TeachingDemos package can help with creating tcltk dialog
>>> boxes. "
>>>
>>> --
>>>
>>> David Winsemius
>>> Alameda, CA, USA
>>>
>>
>> ______________________________________________
>> R-help at r-project.org mailing list -- To UNSUBSCRIBE and more, see
>> https://stat.ethz.ch/mailman/listinfo/r-help
>> PLEASE do read the posting guide
>> http://www.R-project.org/posting-guide.html
>> and provide commented, minimal, self-contained, reproducible code.
>>
>
>
> --
> Brian D. Ripley,                  ripley at stats.ox.ac.uk
> Emeritus Professor of Applied Statistics, University of Oxford
> 1 South Parks Road, Oxford OX1 3TG, UK
>
>
> ______________________________________________
> R-help at r-project.org mailing list -- To UNSUBSCRIBE and more, see
> https://stat.ethz.ch/mailman/listinfo/r-help
> PLEASE do read the posting guide http://www.R-project.org/posting-guide.html
> and provide commented, minimal, self-contained, reproducible code.

More information about the R-help mailing list