Security issues related to storing secrets in scripts

Security issues related to storing secrets in scripts Let's say you have a program you want to run unattended, as root, which requires a secret (such as a passphrase; something you don't want other people to find out), which can be read from an environment variable. One way of accomplishing this would be to create a script like the following, and run it from root's crontab.
Asked by: Guest \| Views: 145

Total answers/comments: 1

Comments display order:

Guest [Entry]

"Is this a script that will only ever run on your own box?

Modern Linux defaults environment variables to only being visible to root or yourself, but that's not portable. Various other OSes either can't filter them, or don't filter them by default."