Storing securely passwords for connection to DB in opensource projects


Question

Cloud9 is a cool service. If you create a workspace that is public, it will mean that everyone who knows your project URL and has an account at cloud9 can browse and download your code. This means that if my project has, for example, connectivity to mongodb, everyone will see the login and password to connect to mongo (because it will be in some source file).

The only option I can see to store passwords securely (except making project private) is to somehow add them to environment variables, and use process.env.XXXXXX call within the code. This seems to be secure because even if others may browse my code they cannot open terminal and check what environment variables I have defined.

So, is there a way to add my custom environment variable(s) so that they would be accessible via process.env.XXXXXX inside node's code?

Recommended answer

When running a project with cloud9 runners, there is an Environment popup on the right side of the runner toolbar. You can use it to add environment variables the way you want, but make sure not to add a name to the config, since configs with a name are automatically saved in .c9/project.settings.

Another solution is to create a file in a directory not exposed in readOnly mode, e.g.

echo "password" |  sudo tee /xxx

You can even edit the /xxx file using vi inside the cloud9 terminal.

But of course the best solution is to buy a premium subscription and get more private workspaces :)
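
The two approaches in the answer (an environment variable, or a file kept outside the publicly readable workspace such as /xxx) can be consumed from Node as in the following added example, which is not code from the original question or answer. The names MONGO_USER, MONGO_PASSWORD, MONGO_PASSWORD_FILE and MONGO_HOST are assumptions chosen for illustration.

```javascript
// Added example: variable names below are assumptions, not Cloud9 or MongoDB conventions.
const fs = require("fs");

// Resolve the password from the environment first, then from a file that
// lives outside the publicly browsable workspace (e.g. the /xxx file above).
function readPassword(env) {
  if (env.MONGO_PASSWORD) return env.MONGO_PASSWORD;
  if (env.MONGO_PASSWORD_FILE) {
    // `echo ... | tee` appends a newline; strip only trailing line breaks.
    return fs.readFileSync(env.MONGO_PASSWORD_FILE, "utf8").replace(/[\r\n]+$/, "");
  }
  return "";
}

// Build the connection string without any credential living in source control.
function buildMongoUri(env = process.env) {
  const user = env.MONGO_USER;
  const password = readPassword(env);
  // Fail closed: never fall back to a default credential committed in source.
  if (!user || !password) {
    throw new Error("MONGO_USER and MONGO_PASSWORD (or MONGO_PASSWORD_FILE) must be set");
  }
  const host = env.MONGO_HOST || "localhost:27017";
  // Percent-encode so characters such as '@', ':' or '/' in the password
  // cannot change how the URI is parsed.
  return `mongodb://${encodeURIComponent(user)}:${encodeURIComponent(password)}@${host}/`;
}

// Mask the password before a URI reaches logs or error output.
function redactUri(uri) {
  return uri.replace(/^(mongodb(?:\+srv)?:\/\/[^:@/]+:)[^@]*@/, "$1***@");
}
```

Pass the result of `buildMongoUri()` to the database driver, and log only `redactUri(...)` of it so the password does not end up in runner output that other workspace visitors can see.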
