Re: Environment-variable security?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Marek Howard píše v Pá 30. 11. 2018 v 14:25 +0100:
> Give me one solid reason why it's insecure to pass passwords via
> environment variables please. So far it seems that systemd just broke
> this concept for no valid reason and now you try to defend with
> completely unrelated reasons. There were certainly more users expecting
> that programs sourcing non-world readable environment variables will
> keep the variables to themselves, than users wanting to check out what
> environment variables systemd set for its processes.

And just to be clear, I'm talking about

  EnvironmentFile=/foo/bar.env

and not variables set via unit files.

_______________________________________________
systemd-devel mailing list
systemd-devel@xxxxxxxxxxxxxxxxxxxxx
https://lists.freedesktop.org/mailman/listinfo/systemd-devel
[Index of Archives]     [LARTC]     [Bugtraq]     [Yosemite Forum]     [Photo]

  Powered by Linux