Provide credentials to process in a safe manner

Posted by Erik Aigner on Server Fault See other posts from Server Fault or by Erik Aigner
Published on 2012-11-23T20:46:02Z Indexed on 2012/11/23 23:06 UTC
Read the original article Hit count: 140

Filed under:

linux

|

environment-variables

On system startup I need to launch a process which requires credentials for other services (database etc.) to interact. I obviously don't want to store those on disk for security reasons.

I'm trying to think of a way to provide those credentials to the process on launch - and on launch only. After that they should be only available to the process.

Is this possible somehow? The bottom line is to make it as hard as possible for an intruder to get to those credentials.

© Server Fault or respective owner

Related posts about linux

apt-get install and update fail

as seen on Ask Ubuntu - Search for 'Ask Ubuntu'
I've got a problem with apt-get update and apt-get install ... commands . every time update or installing fails and errors are : Get:1 http://dl.google.com stable Release.gpg [198B] Ign http://dl.google.com/linux/chrome/deb/ stable/main Translation-en_US Get:2 http://dl… >>> More
kernel module compiling error

as seen on Ask Ubuntu - Search for 'Ask Ubuntu'
sh@ubuntu:/home/ccpp/helloworld$ make gcc-4.6 -O2 -DMODULE -D_KERNEL_ -W -Wall -Wstrict-prototypes -Wmissing-prototypes -isystem /lib/modules/`uname -r`/build/include -c -o hello-1.o hello-1.c hello-1.c:4:0: warning: "MODULE" redefined [enabled by default] <command-line>:0:0: note: this is… >>> More
Build-Essentials installation failing

as seen on Ask Ubuntu - Search for 'Ask Ubuntu'
I am having trouble accessing the several critical header files that show to be a part of the build process. The "Ubuntu Software Center" shows "Build Essentials" as installed: Next I did the following two commands, which did not improve the problem: ~$ sudo apt-get install build-essential [sudo]… >>> More
Updating Debian kernel

as seen on Super User - Search for 'Super User'
I'm trying to update my Debian machine to 2.6.32-46 (which is the new stable). However, after doing apt-get update my apt-cache search linux-image shows me: linux-headers-2.6.32-5-486 - Header files for Linux 2.6.32-5-486 linux-headers-2.6.32-5-686-bigmem - Header files for Linux 2.6.32-5-686-bigmem linux-headers-2… >>> More
Serial connection over a single USB cable (Windows to linux, or linux to linux)

as seen on Server Fault - Search for 'Server Fault'
I'm helping out with a project for an embedded device that only has USB and no serial. This device is running Linux. These days, when we need to connect to a serial port on a device we typically use a USB to serial adapter (on something like a phone system or a load balancing device, etc). I would… >>> More

Related posts about environment-variables

System Expandable-String Environment Variables Can’t Reference User Environment Variables

as seen on Super User - Search for 'Super User'
Hi, I’ve run into a bit of a situation with Windows environment variables. I’ve narrowed it down to what may or may not makes sense and/or possibly be by design. It seems that expandable-string environment variables of the local machine cannot reference environment variables of the current user. For… >>> More
PowerShell: can't modify environment variables

as seen on Super User - Search for 'Super User'
I have an environment variable set via "system properties - advanced - Environment Variables". I modified the variable's value. In cmd, I see the new value. In PowerShell, the value is still the old value. Trying to set it with [Environment]::SetEnvironmentVariable doesn't have any effect. >>> More
Set environment variables from within a bash shell

as seen on Super User - Search for 'Super User'
Hi, Is there a way to set environment variables from within a (bash) shell script? I want to set some environment variables on some servers using a small script rather than typing. Some forum posts believe it is impossible. Any Ideas? >>> More
Is there a way to set Windows environment variables from the command line PERMANENTLY

as seen on Super User - Search for 'Super User'
Is there any way to set permanently set an environment variable system wide from the command line in Windows? something like >systemset newVar=foo or a file to edit would work well too. >>> More
Change environment variables as standard user (Windows 7)

as seen on Super User - Search for 'Super User'
When clicking on "Advanced system settings", I need to login as the administrator and hence only edit the administrators environment variables (in addition to the machine wide ones). How do I edit the environment variables of a standard user? Details With the migration to Windows 7, I decided to… >>> More