Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Point to a file? E.g. `CONFIG_PATH=/etc/myapp/config.ini /opt/myapp`

That being said, I still use env vars and don't plan on stopping. I just haven't (yet?) seen any exploits or threat models relating to it that would keep me up at night.



Is that file more secure than the environment variables it's replacing? On Linux I think you can secure it to just your service with SELinux. Not sure about Windows


How do you get that file?

I also use env vars.


For example, systemd or kubernetes.

https://systemd.io/CREDENTIALS/

https://kubernetes.io/docs/concepts/configuration/secret/#us...

(Systemd also has more complex modes that are safer than files. And the Linux kernel has a concept of keyrings that might be even better.)




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: