Comments (6)
I'm not very familiar with this practice. Could you give me an example of how and when it applies?
from cleanenv.
@ilyakaznacheev To hide credentials from none root users when application is started from systemd (as daemon) with none root users.
That way credentials are only available to systemd (and root) in initial start of application, then after start and user change they are dropped from environment.
from cleanenv.
What you mean by "hide"?
The library only reads configs, not prints them or something like that. Hiding sensitive data from users is far beyond its scope.
from cleanenv.
Setting private information inside env, this info will still be accessible from application and even from /proc/PID/environ.
By hiding I mean, unsetting env key that contains sensitive information.
You could say that this is not in scope of library, but without this, using library doesn't make much sense.
One would still have to manage env so why not manage all envs.
Feel free to close if you think that this is not important.
from cleanenv.
The library doesn't manage the environment. It only reads from env variables, and only if it was chosen as a source of data.
You may try to use a custom setter to unset the environment variable there.
I will think about adding some kind of middleware with more metainfo on input.
from cleanenv.
So the solution - do not pass sensitive data with environment variables, use config files instead. You can remove the file just after the app started, so the requirements will be met. You can do that directly from the app.
And yes, it is not in the scope of the library, but you can easily achieve it like as I said before.
from cleanenv.
Related Issues (20)
- Create a version compatibility policy
- Didn't skip unexported field HOT 4
- Apply Custom Value Setters to custom struct types
- Does this support parsing `map[string]CustomStruct` using the `env` tag? HOT 2
- How about adding the ability to use dynamic values in a config file? HOT 1
- What is the correct location for the config.yml? HOT 4
- Set but empty Environment Variables don't raise an error HOT 1
- Nested structures not sorted HOT 2
- [][]string from env HOT 1
- Setup env parameter for array in config? HOT 1
- Config returns nothing
- Update GetDescription to show which variables are required
- print the name of the env var in the error message when a required var is missing rather than just the struct field name HOT 1
- Allow reading from `fs.FS`
- Return wrapped error with "%w" verb instead of "%s"
- File decodes based on extension, meaning it fails to load config if `.rc` files are used
- env-required pretty limited usage
- Example of using map of structs in config, example of using `env-separator`
- It changes the set 0 to the default value.
- Can't read config file in Amazon EC2 server HOT 3
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from cleanenv.