Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Security of Environment Variables
Special Forums Cybersecurity Security of Environment Variables Post 302972897 by denden on Wednesday 11th of May 2016 12:19:12 PM
Old 05-11-2016
Security of Environment Variables
Hello,

I'm trying to help a client with passing decrypted passwords into child processes. I just want to ask how secure (or not) it is to pass those decrypted passwords via environment variables?

Thanks,
denden
 

10 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

what is the use of Environment variables

what is the actual use of environment variables. I know only PS1, LOGNAME, PS2 variables what are the other variables & what is there use (2 Replies)
Discussion started by: indianguru
2 Replies

2. Programming

environment variables

Hi! How-to get the environment variables in GNU. getenv() only fetches the ones that you can find under export (not the ones under declare)... best regars .David (2 Replies)
Discussion started by: Esaia
2 Replies

3. UNIX for Dummies Questions & Answers

environment variables

Hi Folks, Is it possible somehow to unset all the environment variables which have been defined before in UNIX (Solaris). Thanks, Slava (3 Replies)
Discussion started by: spavlov
3 Replies

4. UNIX for Dummies Questions & Answers

help..Environment variables...

hi, 1). i would like to know what is meant by environment variables? 2). is the number of envi variables is a constant number for unix systems? 3). how to see the list of envi variables (and the values of the envi variables)in a single command? 4). if this questions were already asked... (3 Replies)
Discussion started by: sekar sundaram
3 Replies

5. Programming

environment variables

hi, I want to create a new EV(Environment Variable) through a c program and I done this thing through setenv() method. But the newly created EV is not permanent, i.e. when I exit from the program the EV also no longer lives. But I want to make it a permanent EV for the current user. Actually I... (6 Replies)
Discussion started by: sumsin
6 Replies

6. Shell Programming and Scripting

environment variables

Hi, If i have a variable set and exported in my pofile file will that variable be available in all shell scripts created. Thanks, Radhika. (3 Replies)
Discussion started by: radhika03
3 Replies

7. Shell Programming and Scripting

using environment variables

say i define an environment variable in a particular script (upgrade.sh). my script is upgarde.sh and it calls another script try.sh. will this environment variable be accessible to try.sh also. if not how to I make environment variables global so that they can be used by any script. (2 Replies)
Discussion started by: lassimanji
2 Replies

8. UNIX for Dummies Questions & Answers

Environment variables

why are all environment variables represented in a fixed format regardless of the shell you use? like $HOME $PATH etc (6 Replies)
Discussion started by: sravani
6 Replies

9. Shell Programming and Scripting

Environment variables

I have read tons of posts about how you can't set persisting environment variable in a child script of a shell and have it persist. The only way is to source a file as % . <scriptname> I am finding that true... but I know there is a way around it. I just don't know how. I worked for 6... (5 Replies)
Discussion started by: rwa25
5 Replies

10. Homework & Coursework Questions

Environment Variables

1. The problem statement: What is the mesg value set for your environment? If it is on, how would you turn off your current session? How would you set it permanently? 3. The attempts at a solution : Read Unix The textbook. 3rd chapter has many things like environment variables and... (5 Replies)
Discussion started by: mahinkhan22
5 Replies

LEARN ABOUT DEBIAN

ne_ssl_clicert_name

NE_SSL_CLIENT_CERT(3)						neon API reference					     NE_SSL_CLIENT_CERT(3)

NAME

       ne_ssl_clicert_read, ne_ssl_clicert_name, ne_ssl_clicert_encrypted, ne_ssl_clicert_decrypt, ne_ssl_clicert_owner, ne_ssl_clicert_free - SSL
       client certificate handling

SYNOPSIS

       #include <ne_ssl.h>

       ne_ssl_client_cert *ne_ssl_clicert_read(const char *filename);

       const char *ne_ssl_clicert_name(const ne_ssl_client_cert *ccert);

       int ne_ssl_clicert_encrypted(const ne_ssl_client_cert *ccert);

       int ne_ssl_clicert_decrypt(ne_ssl_client_cert *ccert, const char *password);

       const ne_ssl_certificate *ne_ssl_clicert_owner(const ne_ssl_client_cert *ccert);

       void ne_ssl_clicert_free(ne_ssl_client_cert *ccert);

DESCRIPTION

       The ne_ssl_clicert_read function reads a client certificate from a PKCS#12-formatted file, and returns an ne_ssl_client_cert object. If the
       client certificate is encrypted, it must be decrypted before it is used. An ne_ssl_client_cert object holds a client certificate and the
       associated private key, not just a certificate; the term "client certificate" will used to refer to this pair.

       A client certificate can be in one of two states: encrypted or decrypted. The ne_ssl_clicert_encrypted function will return non-zero if the
       client certificate is in the encrypted state. A client certificate object returned by ne_ssl_clicert_read may be initially in either state,
       depending on whether the file was encrypted or not.

       ne_ssl_clicert_decrypt can be used to decrypt a client certificate using the appropriate password. This function must only be called if the
       object is in the encrypted state; if decryption fails, the certificate state does not change, so decryption can be attempted more than once
       using different passwords.

       A client certificate can be given a "friendly name" when it is created; ne_ssl_clicert_name will return this name (or NULL if no friendly
       name was specified).  ne_ssl_clicert_name can be used when the client certificate is in either the encrypted or decrypted state, and will
       return the same string for the lifetime of the object.

       The function ne_ssl_clicert_owner returns the certificate part of the client certificate; it must only be called if the client certificate
       is in the decrypted state.

       When the client certificate is no longer needed, the ne_ssl_clicert_free function should be used to destroy the object.

RETURN VALUE

       ne_ssl_clicert_read returns a client certificate object, or NULL if the file could not be read.	ne_ssl_clicert_encrypted returns zero if
       the object is in the decrypted state, or non-zero if it is in the encrypted state.  ne_ssl_clicert_name returns a NUL-terminated friendly
       name string, or NULL.  ne_ssl_clicert_owner returns a certificate object.

EXAMPLES

       The following code reads a client certificate and decrypts it if necessary, then loads it into an HTTP session.

	   ne_ssl_client_cert *ccert;

	   ccert = ne_ssl_clicert_read("/path/to/client.p12");

	   if (ccert == NULL) {
	      /* handle error... */
	   } else if (ne_ssl_clicert_encrypted(ccert)) {
	      char *password = prompt_for_password();

	      if (ne_ssl_clicert_decrypt(ccert, password)) {
		 /* could not decrypt! handle error... */
	      }
	   }

	   ne_ssl_set_clicert(sess, ccert);

SEE ALSO

       ne_ssl_cert_read

AUTHOR

       Joe Orton <neon@lists.manyfish.co.uk>
	   Author.

COPYRIGHT

neon 0.29.6							    3 May 2011						     NE_SSL_CLIENT_CERT(3)
All times are GMT -4. The time now is 10:28 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy