Linux - providing environment variables

Question

Linux - providing environment variables

It’s just interesting if there is a way to protect environment variables in the * nix system so that they cannot be read from any text file, but are available in the environment.

I know that we can always use file system permissions for .bashrc / .bash_profile, but what if certain variables (like db passwords) should be completely hidden?

One way to do this is to write some kind of / perl script program for:

Take tabs from plain text file and encrypt / hash content (and then get rid of plain text file)
Use the same for decrypting file runtime and exporting values from decrypted output (I know this program can be used to dump decrypted values somewhere, but it doesn’t concern me now)

Is there any other better and more obvious way to achieve this?

Thank!

-Gaurav

+5

security linux bash

Gaurav Nov 09 '10 at 1:14

source share

3 answers

J-16 SDiZ · Answer 1 · 2010-11-09T01:19:27+0000

In no case. Even if you hide it from a text file, it is still available from /proc/<pid>/environ(linux) or ps e(another unix).

Jonathan Leffler · Answer 2 · 2010-11-09T01:18:45+0000

Who are you protecting them with?

: "". , , . ? "vim"? , , .

Jonathan · Answer 3 · 2010-11-09T17:01:09+0000

, . , , , . /proc/###/environ , , .

, , , , - , / , , . ( - ), .

, -, / CGI Apache, : group apache:apache, , CGI, , apache:apache , rw-r----- (640). , , - , root, apache, apache.

, , , .

Linux - providing environment variables

More articles: