Comment on How I Got Hacked: A Warning about Malicious PoCs
Scrath@lemmy.dbzer0.com 1 day agoIf you shouldn’t use sensitive information as command line arguments and also avoid environment variables for passwords, how should you pass such data to programs short of setting up a configuration file?
tal@lemmy.today 1 day ago
For the command line, do what OpenSSH does, take passwords on terminals.
For environment variables, the issue is passing them to all programs; you don’t want to put credentials in a
.bashenvor similar.