Comment on How I Got Hacked: A Warning about Malicious PoCs
Scrath@lemmy.dbzer0.com 10 months agoIf you shouldn’t use sensitive information as command line arguments and also avoid environment variables for passwords, how should you pass such data to programs short of setting up a configuration file?
tal@lemmy.today 10 months ago
For the command line, do what OpenSSH does, take passwords on terminals.
For environment variables, the issue is passing them to all programs; you don’t want to put credentials in a
.bashenvor similar.