Can http://domain.com/files/.bashrc be removed?

rstudioserver

#1

As mentioned in a previous post, we are running a web vulnerability scan. We have found the following: http://domain.com/files/.bashrc. Is this file required for RStudio? Can we safely remove it?


#2

.bashrc is a file used by the bash shell and contains some profile information. It should not be specifically linked to RStudio.

About this .bashrc file:

And about the profile file in the bash shell, as it is not so clear:

About your question, it is not so clear why you think it could be linked to RStudio? What is http://domain.com/? The URL of an RStudio Server?


#3

Thanks for your reply. We linked it to RStudio Server because it was found to be served at https://domain.com/files/.bashrc. domain.com is our domain name that serves RStudio Server. We know that .bashrc contains profile information for Linux systems. Can we safely remove it?


#4

I do not know your setup or what is inside the file. It can contain setup that the server admin put in it, or it can be the profile of a specific user.
I believe it has nothing to do with RStudio Server. If you want an answer from RStudio, you can wait.

I will move your topic to Radmin category for visibility.


#5

That’s really interesting. Do you get the .bashrc file if you go to that location in your browser? Have you been able to find where that file exists on the host operating system?


#6

I am able to access the file from the browser. In the Linux OS context, the .bashrc should be at /home/user/.bashrc.


#7

I guess my question, more clearly stated, is “are you seeing your .bashrc file?” Or have you found out which .bashrc file is being served (since there are many)? If you make changes to the file at /home/myuser/.bashrc, do you get those changes in the browser? A related question is whether you are able to access the file before authenticating, i.e. do you have to log into RStudio Server to access the file, or can you access the file without authenticating?

Are you running an Apache or nginx proxy, or anything besides RStudio on the server? The configuration would likely be in /etc/apache2/, /etc/nginx/, /etc/httpd/, or something of that nature. I am unable to reproduce this file being served by RStudio alone.

The short of the matter is that it shouldn’t be served to the browser and that removing the file should not cause any issues. The more nuanced answer is that it is probably worthwhile to figure out why that file is being served. If it is a result of how your server is configured, then I would suggest that is a misconfiguration and you would likely want it resolved. If it is a bug within RStudio, then we would like it resolved as well.

To gather more information, you can explore more by executing something like sudo netstat -lntp to see what services are listening on which ports. If you have a proxy running, that could be responsible for serving the file to the browser. What port is RStudio running on? Did you switch it to port 80? Port 8787? By the URL you shared, it sounds like port 80 is serving the file.

If you have RStudio Server Pro, you are also welcome to open a support ticket to work through this with our support team.
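The triage that post #7 suggests (find the listener on the port that served the file, look for a proxy or web-server directive publishing a home directory, confirm which .bashrc is exposed and whether it is reachable before login) can be scripted. The block below is an added example, not code from the thread or from RStudio. The netstat output, the nginx fragments, the user name "myuser", the port numbers and the paths are constructed assumptions standing in for what an administrator would see on their own host; the two curl-based checks need a live server and are not run by the script.

```shell
#!/bin/sh
# Added example: triage helpers for a dotfile that is reachable over HTTP on a host
# running RStudio Server, possibly behind a reverse proxy. All sample data is constructed.

# --- 1. Which program is listening on the port that served the file? -----------------
# Constructed `sudo netstat -lntp` style output; on a real host pipe the real command in.
SAMPLE_NETSTAT='Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN      1234/nginx: master
tcp        0      0 127.0.0.1:8787          0.0.0.0:*               LISTEN      2345/rserver
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      456/sshd'

# listener_for_port PORT  < netstat-output
# Prints the program (PID prefix stripped) bound to TCP PORT in the LISTEN state.
listener_for_port() {
  awk -v p=":$1\$" '
    $1 ~ /^tcp/ && $4 ~ p && $6 == "LISTEN" {
      s = $7; for (i = 8; i <= NF; i++) s = s " " $i   # program name may contain spaces
      sub(/^[0-9]+\//, "", s)                           # drop the "PID/" prefix
      print s; exit
    }'
}

# --- 2. Does the proxy or web-server config publish a home directory? -----------------
# Constructed nginx fragment of the kind that would expose /home/myuser/.bashrc as
# /files/.bashrc: the alias publishes a whole home directory and nothing refuses dotfiles.
SAMPLE_NGINX='server {
    listen 80;
    location /files/ {
        alias /home/myuser/;
        autoindex on;
    }
    location / {
        proxy_pass http://127.0.0.1:8787;
    }
}'

# Hardened counterpart (constructed): hidden files are refused before any alias applies,
# and static files come from a dedicated directory rather than a user's home.
HARDENED_NGINX='server {
    listen 80;
    location ~ /\. {
        deny all;
        return 404;
    }
    location /files/ {
        alias /srv/rstudio-files/;
    }
    location / {
        proxy_pass http://127.0.0.1:8787;
    }
}'

# home_dir_exposures < config
# Prints nginx root/alias and Apache DocumentRoot/Alias directives whose filesystem
# path lies under /home or /root (Apache Alias has a URL path first, hence the optional group).
home_dir_exposures() {
  grep -E '^[[:space:]]*(alias|root|Alias|DocumentRoot)[[:space:]]+(/[^[:space:]]*[[:space:]]+)?"?/(home|root)(/|"|;|[[:space:]]|$)' \
    | sed -e 's/^[[:space:]]*//' -e 's/;[[:space:]]*$//'
}

# has_dotfile_deny < config
# Exit 0 if the config has an nginx regex location matching hidden files ("location ~ /\.").
has_dotfile_deny() {
  grep -Eq '^[[:space:]]*location[[:space:]]+~[[:space:]]+/\\\.'
}

# --- 3. Live checks against the running host (require curl; not run automatically) ---
# served_status URL -> prints the HTTP status code. A 200 before any RStudio login means
# the web server or proxy, not RStudio's authentication, is answering for that path.
served_status() {
  curl -s -o /dev/null -w '%{http_code}' "$1"
}

# served_matches_local URL LOCAL_PATH -> exit 0 if the served body is byte-identical to the
# local file, which tells you which of the many .bashrc files is the exposed one.
served_matches_local() {
  curl -s "$1" | cmp -s - "$2"
}

# Offline demo on the constructed data: `sh triage.sh --demo`
if [ "${1:-}" = "--demo" ]; then
  printf 'port 80 listener: %s\n' "$(printf '%s\n' "$SAMPLE_NETSTAT" | listener_for_port 80)"
  printf 'home-dir exposures:\n%s\n' "$(printf '%s\n' "$SAMPLE_NGINX" | home_dir_exposures)"
  printf '%s\n' "$SAMPLE_NGINX" | has_dotfile_deny && echo "dotfiles denied" || echo "dotfiles NOT denied"
fi
```

On a real host the first two helpers are fed by `sudo netstat -lntp | listener_for_port 80` and `cat /etc/nginx/sites-enabled/* | home_dir_exposures` (or the Apache equivalents under /etc/apache2/ or /etc/httpd/). A listener other than rserver on the serving port, together with an alias or root into /home, is the misconfiguration post #7 describes; the fix is to scope the static location to a dedicated directory and to refuse hidden files, as in the hardened fragment, rather than to delete the one .bashrc the scanner happened to find.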