Files
it-sec-exercises/sheet08/a3.txt
Leo 11db56b542
All checks were successful
zip and release / build-and-release (push) Successful in 5s
add stuff to a1 and a3 and first part of a3
2026-06-19 11:18:41 +02:00

9 lines
822 B
Plaintext

• Passing passwords via command line arguments:
Benefits: fast and easy to type out for quick testing.
Drawbacks: Highly insecure. Passwords are saved in the .bash_history and are fully visible to any other user running the `ps` command. They also leak through `docker inspect`
• Passing passwords via an environment variable:
Benefits: Better than CLI arguments because they hide the secret from the ps process list.
Drawbacks: Still exposed. Anyone with access to docker can view them using `docker inspect`.
• Passing passwords via a file:
Benefits: The secrets do not show up in the `ps` process list or in the docker inspect metadata. Access to the file on the host can also be limited using chmod.
Drawbacks: Leaves a plaintext file on the physical hard drive, requiring manual cleanup.