Techly NewsGet the app

Get the latest tech news

Handling secrets (somewhat) securely in shells


Sometimes, you need to deal with secrets in an interactive shell. Say, for example, you want to do things with the API of a GitLab instance for which you require authentication: $ curl -fsSLH 'Authorization: Bearer 1s7zo2a-mzsLP6yAo2SM' https://gitlab.example.com/api/v4/projects Oh no! Process information leakage By doing that, you’ve just made the token available to everything on your system that can see your processes! Process command lines are visible to all processes through /proc on most Linux distributions.

None

Get the Android app

Or read this on Hacker News

Read more on:

Photo of Shells

Shells

Photo of secrets

secrets

Related news:

News photo

Using proxies to hide secrets from Claude Code

News photo

Ping: The Secrets of Successful Virtual Communication

News photo

Distributed Denial of Secrets

« The Gleam Programming Language
China media says 120,000 tonne space-based aircraft carrier 'becoming a reality' »