Excerpts from Tim Bell's message of 2016-03-23 11:53:38 -0700:
>
> On 23/03/16 18:41, "Clint Byrum" <[email protected]> wrote:
>
> >Excerpts from Tim Bell's message of 2016-03-23 09:17:20 -0700:
> >>
> >> The difficulty with the environment variables is that the administrator of
> >> the box you are logged into can read the environment using ps auxwwww.
> >>
> >> There has been some work done to support storing all the variables in a
> >> file (which would be an environment variable) such that the CLIs read from
> >> the file rather than needing it in the environment. This at least
> >> minimises the access to the home directory file servers rather than the
> >> root admin on the box you are using.
> >>
> >
> >This does no such thing. The admin can read every single byte of RAM
> >in your process space, trace your library calls, and impersonate you to
> >get the same filesystem access. You have to trust the admins of systems
> >you are making client calls from. There is _no_ way around that. This is
> >one reason to want REST API's, so you can have an end-to-end encrypted
> >conversation with the REST API from the device you are certain is secure,
> >over a network and through systems you are not certain are secure.
>
> Giving someone access to a kerberos key valid for 24 hours based on their
> ability to read every byte of my internal process space is very different
> from someone trivially running ps auxwww to get the list of people and their
> passwords which are generally valid for months.
>
> While there is no guaranteed way round it, we should not make it so easy and
> for so long.
>

Environment variables aren't visible in 'ps auxwww', though they are in
/proc/$pid/environ, which is only visible to the owning user and root,
so that's not quite as terrible as the picture painted.

The thing I was responding to wasn't Kerberos. Oh please great deity of
system administration, bring all OpenStack users actual Kerberos, which
would in fact be a huge improvement.

I was responding to "There has been some work done to support storing
all the variables in a file". Wherever those variables are read into,
which is, process space, is exactly equivalent to environment variables.

_______________________________________________
Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Post to     : [email protected]
Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
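
A self-audit for the exposure discussed in this thread, added here as an example and not part of any message: it reads each accessible /proc/<pid>/environ, lists which processes carry credential-looking variable names (values are never printed), and records whether the file's mode grants group or other read. The OS_* variable names and the name pattern are assumptions, not taken from the thread.

```python
import os
import re
import stat

# Assumed heuristic for credential-bearing variable names (not from the thread).
SECRET_NAME = re.compile(r"(PASSWORD|PASSWD|SECRET|TOKEN|API_?KEY)", re.I)

def parse_environ(raw: bytes) -> dict:
    """Parse the NUL-separated NAME=value records of /proc/<pid>/environ."""
    env = {}
    for record in raw.split(b"\0"):
        name, sep, value = record.partition(b"=")
        if sep and name:
            env[name.decode("utf-8", "replace")] = value.decode("utf-8", "replace")
    return env

def secret_names(env: dict) -> list:
    """Names (never values) of non-empty variables that look like credentials."""
    return sorted(n for n, v in env.items() if v and SECRET_NAME.search(n))

def others_can_read(mode: int) -> bool:
    """True if the permission bits grant read access to group or other."""
    return bool(mode & (stat.S_IRGRP | stat.S_IROTH))

def audit_proc(proc_root: str = "/proc") -> list:
    """Return (pid, readable_by_others, secret names) for accessible processes."""
    findings = []
    if not os.path.isdir(proc_root):
        return findings
    for entry in os.listdir(proc_root):
        if not entry.isdigit():
            continue
        path = os.path.join(proc_root, entry, "environ")
        try:
            mode = stat.S_IMODE(os.stat(path).st_mode)
            with open(path, "rb") as fh:
                names = secret_names(parse_environ(fh.read()))
        except OSError:  # another user's process, or the process exited
            continue
        if names:
            findings.append((int(entry), others_can_read(mode), names))
    return findings

# Constructed sample in /proc/<pid>/environ format; values are placeholders.
SAMPLE = b"HOME=/home/demo\0OS_USERNAME=demo\0OS_PASSWORD=placeholder\0OS_TOKEN=\0"

if __name__ == "__main__":
    print(secret_names(parse_environ(SAMPLE)))
    for pid, exposed, names in audit_proc():
        print(pid, "others-readable" if exposed else "owner-only", ",".join(names))
```

Run as an ordinary user it covers only that user's processes; run as root it covers every process on the host.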
