On Mon, 2014-12-01 at 08:59 +0000, Richard W.M. Jones wrote: > On Sun, Nov 30, 2014 at 08:29:27PM -0500, Rahul Sundaram wrote: > > Hi > > > > On Sun, Nov 30, 2014 at 1:36 PM, Lars Seipel wrote: > > > > > > > > > There's also OpenNebula (^ONE_) and Vmware (^VI_) doing the same. Seems > > > to be pretty common with virt and cloud stuff. Apart from that I can't > > > think of anything else right now. > > > > > > Rackspace, DigitalOcean, Google Computing Engine etc have API info > > potentially exported in the environment as well. This is going to be quite > > tedious to filter out but just in case you want to blacklist them, you > > want to blacklist the following > > > > NOVA_* > > DO_* > > APPID_* > > It looks like they inherited this habit from Amazon ... > > For the avoidance of doubt, putting authentication information into > the environment is a bad, insecure practice. Any other local user can > immediately see it using 'ps axewwww'. No, that's just your processes: $ cat /proc/1/environ cat: /proc/1/environ: Permission denied $ Lubo -- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
