Unix/Linux Go Back    


Security Discuss UNIX and Linux computer and network security, cyber security, cyber attacks, IT security, and more.

Security of Environment Variables

Security


Tags
environment variables, password hide, secure

Closed    
 
Thread Tools Search this Thread Display Modes
    #1  
Old Unix and Linux 05-11-2016
denden denden is offline
Registered User
 
Join Date: May 2016
Last Activity: 27 February 2017, 12:19 PM EST
Posts: 1
Thanks: 2
Thanked 0 Times in 0 Posts
Security of Environment Variables

Hello,

I'm trying to help a client with passing decrypted passwords into child processes. I just want to ask how secure (or not) it is to pass those decrypted passwords via environment variables?

Thanks,
denden
Sponsored Links
    #2  
Old Unix and Linux 05-11-2016
vbe's Unix or Linux Image
vbe vbe is offline Forum Staff  
Moderator
 
Join Date: Sep 2005
Last Activity: 26 March 2017, 3:59 PM EDT
Location: Switzerland - GE
Posts: 6,398
Thanks: 266
Thanked 537 Times in 499 Posts
maybe if you gave an example or be more clear in of what you are trying to do, we could give our comments...
The Following User Says Thank You to vbe For This Useful Post:
denden (05-11-2016)
Sponsored Links
    #3  
Old Unix and Linux 05-11-2016
gandolf989 gandolf989 is offline
Registered User
 
Join Date: Sep 2006
Last Activity: 24 March 2017, 9:51 AM EDT
Location: Pittsburgh
Posts: 245
Thanks: 3
Thanked 46 Times in 45 Posts
The Oracle Import process can be a good example of this. If you put the password
in the command, then you can see it when you use the "ps -ef | grep impdp".


Code:
impdp system/change_on_install ...

But if you use the echo command and pipe to the impdp command, then you won't
see the password when you do "ps -ef | grep impdp"


Code:
echo "system/change_on_install" | impdp  ...

Another option would be to put a delimited text file under the ~/.ssh directory.
You can then grep for the line that you want and use the cut command to grab
the password.

~/.ssh/pw

Code:
user:this_pwd
user1:this_pwd
user2:this_pwd
user3:this_pwd

You script that needs a password would have the following. Including the carrot
and colon will make sure that the line starts with the username and does not
accidentally pick up more than one line if you have similar usernames. You do
need to make sure that each username is unique in the file.

Code:
THIS_PWD=`grep "^user1:" | cut -d":" -f2`

The Following User Says Thank You to gandolf989 For This Useful Post:
denden (05-11-2016)
Sponsored Links
Closed

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Linux More UNIX and Linux Forum Topics You Might Find Helpful
Thread Thread Starter Forum Replies Last Post
Environment Variables mahinkhan22 Homework & Coursework Questions 5 10-16-2012 11:14 PM
environment variables radhika03 Shell Programming and Scripting 3 01-22-2007 12:58 PM
environment variables sumsin Programming 6 03-13-2006 10:17 AM
environment variables Esaia Programming 2 02-20-2003 07:19 PM
what is the use of Environment variables indianguru UNIX for Dummies Questions & Answers 2 07-24-2001 09:41 PM



All times are GMT -4. The time now is 02:49 AM.