Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

> including secrets, in environment variables is a bad idea.

I don't think this is the lesson to take away here. Arbitrary remote read of environment variables is not a common issue.

Also you can easily not propagate secrets to a child process. But there isn't a ton of point to that on most systems since if you can't trust your child process just not passing in the secret is not gonna cut it.



Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: