sphericth0r@kbin.socialtoSelfhosted@lemmy.world•Disclosure of sensitive credentials and configuration in containerized deployments - ownCloud
1·
11 months agoThat’s just as insecure lol, env vars are far better
That’s just as insecure lol, env vars are far better
Even worse, they’ll claim it was a bug
Yes, and I find them indistinguishable from liberal subreddits. The echo chambers are pretty easy to find…
I think both the left and the right are concerned with restricting rights, they just have different views of which rights it’s okay to obstruct.
Meanwhile, libertarians are staring at both the extreme left and extreme right and wondering what the fundamental difference is…
No that’s the case in the US too. I never ask why my employee wants time off, I don’t need to know any more about their personal lives, they tell me too much already…
It’s probably best to look at what the devops industry is embracing, environment variables are as secure as any of the alternatives but poor implementations will always introduce attack vectors. Secret management stores require you to authenticate, which requires you to store the credential for it somewhere - no matter what there’s no way to secure an insecure implementation of secrets access