sphericth0r
@sphericth0r@kbin.social
This is a remote user, information on this page may be incomplete. View at Source ↗
- Comment on Disclosure of sensitive credentials and configuration in containerized deployments - ownCloud 11 months ago:
It's probably best to look at what the devops industry is embracing, environment variables are as secure as any of the alternatives but poor implementations will always introduce attack vectors. Secret management stores require you to authenticate, which requires you to store the credential for it somewhere - no matter what there's no way to secure an insecure implementation of secrets access
- Comment on Disclosure of sensitive credentials and configuration in containerized deployments - ownCloud 11 months ago:
That's just as insecure lol, env bars are far better
- Comment on Hours of work 1 year ago:
Even worse, they'll claim it was a bug