Best practice for managing secrets (passwords, private keys) used by Python scripts running as daemons
Dan Stromberg
drsalists at gmail.com
Fri Mar 23 14:50:52 EDT 2018
I'd put them in a file with access to the daemon..
Putting credentials in an environment variable is insecure on Linux,
because ps auxwwe lists environment variables.
On Fri, Mar 23, 2018 at 9:37 AM, Malcolm Greene <python at bdurham.com> wrote:
> Looking for your suggestions on best practice techniques for managing
> secrets used by Python daemon scripts. Use case is Windows scripts
> running as NT Services, but interested in Linux options as well.
> Here's what we're considering
>
> 1. Storing secrets in environment vars
> 2. Storing secrets in config file only in subfolder with access limited
> to daemon account only3. Using a 3rd party vault product
>
> Thanks
> --
> https://mail.python.org/mailman/listinfo/python-list
More information about the Python-list
mailing list