We have a servicemix-based product that has to perform a setuid to a lower-privileged user while running on linux. We've accounted for most permissions-based issues that result from doing this by ensuring that the lower-privileged user has write access to the necessary files under the data directory.
Unfortunately, we can't do this with karaf.history since it is written to the home directory of the user that started the stack (root in this case). The lower-privileged usually doesn't have any visibility into this directory, let alone write privileges. If a configuration option was provided to specify the location of the karaf.history file (or the option to not even write or expect to find one), then we could treat this file like any other.