将密码作为环境变量（而不是纯文本）存储在配置文件中是否安全？ [英] Is it secure to store passwords as environment variables (rather than as plain text) in config files?

问题描述

我在rails，django（和一点点PHP）中的几个应用程序上工作，其中一些开始的事情之一是将数据库和其他密码存储为环境变量而不是纯文本配置文件（或在settings.py中，用于django应用程序）。

在与我的一个合作者讨论这个问题时，他建议这是一个糟糕的做法 - 也许这是不像以前那样完美的安全。

所以，我想知道 - 这是一个安全的做法吗？在这些文件中将密码存储为纯文本是更安全的（确保当然不要将这些文件留在公共资料或任何内容中）？

解决方案

在更理论层面上，我倾向于以下列方式考虑安全级别（按强度增加的顺序）：

• 没有安全性。纯文本。任何知道在哪里看的人都可以访问数据。


• 通过混淆的安全性。您将数据（明文）存储在一个棘手的地方，就像一个环境变量，或者在一个想要看起来像一个配置文件的文件中。攻击者将最终弄清楚发生了什么，或者绊倒了。


• 通过加密来保护安全性，这是微不足道的，（认为caesar密码！）。


• 加密提供的安全性可以通过一些努力破坏。


• 通过加密提供的安全性，打破给定的当前硬件是不切实际的。


• 最安全的系统是没有可以使用的系统！ ：）

环境变量比明文文件更安全，因为它们是易失性的/一次性的，没有保存;
即如果您只设置一个本地环境变量，例如set pwd = whatever，然后运行脚本
，在脚本末尾退出命令shell，然后变量no长时间存在
你的案子属于前两个，我说的是相当不安全的。如果您打算这样做，我不建议您在直接内部网/家庭网络之外部署，然后仅用于测试目的。

I work on a few apps in rails, django (and a little bit of php), and one of the things that I started doing in some of them is storing database and other passwords as environment variables rather than plain text in certain config files (or in settings.py, for django apps).

In discussing this with one of my collaborators, he suggested this is a poor practice - that perhaps this isn't as perfectly secure as it might at first seem.

So, I would like to know - is this a secure practice? Is it more secure to store passwords as plain text in these files (making sure, of course, not to leave these files in public repos or anything)?

解决方案

On a more theoretical level, I tend to think about levels for security in the following ways (in order of increasing strength) :

• No security. Plain text. Anyone that knows where to look, can access the data.
• Security by Obfuscation. You store the data (plaintext) someplace tricky, like an environment variable, or in a file that is meant to look like a configuration file. An attacker will eventually figure out what's going on, or stumble across it.
• Security provided by encryption that is trivial to break, (think caesar cipher!).
• Security provided by encryption that can be broken with some effort.
• Security provided by encryption that is impractical to break given current hardware.
• The most secure system is one that no can use! :)

Environment variables are more secure than plaintext files, because they are volatile/disposable, not saved; i.e. if you set only a local environment variable, like "set pwd=whatever," and then run the script, with something that exits your command shell at the end of the script, then the variable no longer exists. Your case falls into the first two, which I'd say is fairly insecure. If you were going to do this, I wouldn't recommend deploying outside your immediate intranet/home network, and then only for testing purposes.

这篇关于将密码作为环境变量（而不是纯文本）存储在配置文件中是否安全？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！