Best practice for managing secrets (passwords, private keys) used by Python scripts running as daemons

Thomas Jollans tjol at tjol.eu
Sat Mar 24 16:23:01 EDT 2018


On 24/03/18 20:41, Chris Angelico wrote:
> On Sun, Mar 25, 2018 at 4:24 AM, Peter J. Holzer <hjp-python at hjp.at> wrote:
>> On 2018-03-23 11:50:52 -0700, Dan Stromberg wrote:
>>> I'd put them in a file with access to the daemon.
>>>
>>> Putting credentials in an environment variable is insecure on Linux,
>>> because ps auxwwe lists environment variables.
>>
>> But only those of your own processes. So both methods are about equally
>> secure: If you can become the daemon user (or root), then you can read
>> the secret.
> 
> If you can become the daemon user, you can do whatever the daemon user
> can.

If you're using something like SELinux, I don't think that's
*necessarily* true (but I really don't know much about SELinux).

Normally, though, I should think that protecting the secret with user
isolation (e.g. by putting it into a file with the right permissions)
should be fine.

Environment variables should be fine too, but really this just moves the
problem up one level: where does the parent process get the secret when
it sets up the environment?
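
The file-with-the-right-permissions approach mentioned in this message, as an added example that is not part of the original post: a daemon refuses to load its secret unless the file is a regular file, owned by an expected user, with no group or other access. The names `load_secret`, `InsecureSecretFile` and `allowed_owners` are assumptions made up for this sketch.

```python
import os
import stat


class InsecureSecretFile(PermissionError):
    """Raised when the secret file's type, owner or mode is not acceptable."""


def load_secret(path, allowed_owners=None):
    """Read a secret from `path`, refusing files other users could access.

    All names here are hypothetical and exist only for this example.
    """
    if allowed_owners is None:
        # Default: accept files owned by the daemon's own user or by root.
        allowed_owners = {os.geteuid(), 0}

    # O_NOFOLLOW: fail if the final path component is a symlink.
    fd = os.open(path, os.O_RDONLY | os.O_NOFOLLOW)
    try:
        # fstat() inspects the descriptor we will read from, so the file
        # cannot be swapped between the check and the read.
        st = os.fstat(fd)
        if not stat.S_ISREG(st.st_mode):
            raise InsecureSecretFile(f"{path}: not a regular file")
        if st.st_uid not in allowed_owners:
            raise InsecureSecretFile(f"{path}: unexpected owner uid {st.st_uid}")
        if st.st_mode & (stat.S_IRWXG | stat.S_IRWXO):
            mode = stat.S_IMODE(st.st_mode)
            raise InsecureSecretFile(
                f"{path}: mode {mode:04o} grants group/other access")
        with os.fdopen(fd, "rb") as fh:
            fd = None  # fh now owns the descriptor and will close it
            return fh.read().rstrip(b"\r\n")
    finally:
        if fd is not None:
            os.close(fd)
```

A daemon would call `load_secret()` once at startup, on a file created with mode 0600 by whoever provisions the service, and exit on `InsecureSecretFile`.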


