
Re: [suse-security] privacy of environment variables



Bob Vickers wrote:
> I have a question about privacy of environment variables. I was always 
> brought up to believe that you must never store passwords or other 
> sensitive information in environment variables, because the environment is 
> visible to other users. This is certainly true on older Unix systems.
> 
> But a colleague did some experiments (on SuSE 9.3) and found that ps only 
> displays the environment for processes you own, which seems very sensible. 
> Likewise /proc/pid/environ is only readable by the owner (or by root, of 
> course).
> 
> Now I don't want to rely on experiments, because there may be some other 
> mechanism I haven't thought of. Can anyone point me to some authoritative 
> information about the privacy of environment variables on modern Linux 
> systems?

I don't have any link at hand that could be considered authoritative
but your colleague's observation is correct. Relying on a
protected environment is not portable though and therefore not
considered the best solution for passing sensitive data.

> The reason I ask is that my colleague is writing a script which will run 
> rpcclient and smbclient. One option would be to use Expect, but 
> environment variables are a much cleaner and simpler solution providing 
> they are safe.

smbclient has an option that tells it to read credentials from a
file.

cu
Ludwig

-- 
 (o_   Ludwig Nussel
 //\   SUSE LINUX Products GmbH, Development
 V_/_  http://www.suse.de/
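
Added example, not part of the original message or of Samba: one way a script can hand credentials to smbclient through a private file (its `-A` / `--authentication-file` option) instead of the environment. The function names and the `//server/share` target are assumptions made up for illustration.

```shell
#!/bin/sh
# Added example: pass Samba credentials via an owner-only file.
# make_cred_file, cred_file_is_private and smb_list are hypothetical helper names.

# Write a credentials file for user $1 / domain $2 and print its path.
# The password is read from stdin, so it never appears in argv or the environment.
make_cred_file() {
    user=$1 domain=$2
    # Accept a final line with or without a trailing newline; reject empty input.
    IFS= read -r pass || [ -n "$pass" ] || return 1
    # mktemp creates the file with mode 0600 and an unpredictable name.
    f=$(mktemp "${TMPDIR:-/tmp}/smbcred.XXXXXX") || return 1
    printf 'username = %s\npassword = %s\ndomain = %s\n' \
        "$user" "$pass" "$domain" > "$f"
    unset pass
    printf '%s\n' "$f"
}

# Succeed only if $1 is a regular file (not a symlink), owned by the
# current user, with permissions exactly rw------- (0600).
cred_file_is_private() {
    [ -O "$1" ] || return 1
    case $(ls -ld -- "$1") in
        -rw-------*) return 0 ;;
        *)           return 1 ;;
    esac
}

# List a share using the credentials file; refuse if the file is exposed.
smb_list() {
    target=$1 cred=$2
    if ! cred_file_is_private "$cred"; then
        echo "refusing to use $cred: not an owner-only regular file" >&2
        return 1
    fi
    smbclient "$target" -A "$cred" -c 'ls'
}

# Typical use inside a script (target is a placeholder):
#   cred=$(make_cred_file alice WORKGROUP < /path/to/owner-only/secret) || exit 1
#   trap 'rm -f "$cred"' EXIT
#   smb_list //server/share "$cred"
```

Unlike the environment, the file's protection comes from ordinary file permissions, so it does not depend on how a given system exposes process environments.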
