LinuxQuestions.org
Latest LQ Deal: Linux Power User Bundle
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 07-27-2011, 05:30 PM   #1
irey
Member
 
Registered: Jun 2008
Location: Torino, Italy
Posts: 66

Rep: Reputation: 17
Question storing a password in an environment variable


Hi,

I'm developing a shell script that will read a username and a password from an environment variable. I prefer this rather than the command line to prevent the password from being visible to other users via the 'ps' command.

Yes, I know this is insecure. The password will be readable via /proc/<pid>/environ, but only to the same user and root. That's way better than the command line. Besides, the password is already stored in cleartext in a plain file (readable only by owner), so anything I do needn't be more secure than that.

Question: Will I be facing other security issues not mentioned here? If you can prevent me from making a stupid decision then please do it

Thanks
 
Click here to see the post LQ members have rated as the most helpful post in this thread.
Old 07-27-2011, 06:00 PM   #2
SL00b
Member
 
Registered: Feb 2011
Location: LA, US
Distribution: SLES
Posts: 375

Rep: Reputation: 112Reputation: 112
Depends on what you're doing with it. For example, if you're using it as a command-line argument to launch a process, it could show up in ps -ef, and anyone can execute that.
 
1 members found this post helpful.
Old 07-28-2011, 12:49 AM   #3
chrism01
LQ Guru
 
Registered: Aug 2004
Location: Sydney
Distribution: Centos 6.9, Centos 7.3
Posts: 17,417

Rep: Reputation: 2397Reputation: 2397Reputation: 2397Reputation: 2397Reputation: 2397Reputation: 2397Reputation: 2397Reputation: 2397Reputation: 2397Reputation: 2397Reputation: 2397
As far as the local user goes, there's also 'env' & 'set' ....
If you had the shell script read the var from the file, then it won't appear in ps ...
 
1 members found this post helpful.
Old 07-28-2011, 02:45 AM   #4
David the H.
Bash Guru
 
Registered: Jun 2004
Location: Osaka, Japan
Distribution: Debian + kde 4 / 5
Posts: 6,837

Rep: Reputation: 1981Reputation: 1981Reputation: 1981Reputation: 1981Reputation: 1981Reputation: 1981Reputation: 1981Reputation: 1981Reputation: 1981Reputation: 1981Reputation: 1981
That's not just insecure, it's foolish. Once something is set in the environment, it's available to everyone and everything in that environment. There's no way to properly hide it.

Some programs use a "credentials" file for storing password info. This is nothing more than a small text file with permissions limited so that read access is available only to the user launching the command. Here's an example:

http://anothersysadmin.wordpress.com...edential-file/

Your script can, and I say should, use a similar system. Just set the lines in the file up as "variable=value", give it restricted access, and have the script source it directly. The variable definitions in it will then be available to that script's environment, but not that of the the launching shell.
 
2 members found this post helpful.
Old 07-28-2011, 09:11 AM   #5
irey
Member
 
Registered: Jun 2008
Location: Torino, Italy
Posts: 66

Original Poster
Rep: Reputation: 17
Thanks everyone for the replies.

As I said, I am reading the password from a secure file (well, secure up to a certain point, since it is root-readable anyway). It's just that I want to avoid parsing the file multiple times so that code is more maintainable.

Quote:
Once something is set in the environment, it's available to everyone and everything in that environment.
Right. I know the environment is inherited by subprocesses, and if I export a variable in the shell then every successive command will have access to it. But if I set the environment inside a script so that another script (as a subprocess) can read it, then the environment should be destroyed when the master script terminates. It shouldn't be available to the parent process. Isn't that right?

No worries about ps -ef since I'm never passing it as a command line argument for any command launched by the scripts.

Thanks again.
 
Old 07-29-2011, 09:45 AM   #6
David the H.
Bash Guru
 
Registered: Jun 2004
Location: Osaka, Japan
Distribution: Debian + kde 4 / 5
Posts: 6,837

Rep: Reputation: 1981Reputation: 1981Reputation: 1981Reputation: 1981Reputation: 1981Reputation: 1981Reputation: 1981Reputation: 1981Reputation: 1981Reputation: 1981Reputation: 1981
Quote:
Originally Posted by irey View Post
But if I set the environment inside a script so that another script (as a subprocess) can read it, then the environment should be destroyed when the master script terminates. It shouldn't be available to the parent process. Isn't that right?
That's correct. No process can ever alter the environment of its parent. Changes only affect the current level, and sometimes subprocesses, which can inherit them if exported.


So you're already most of the way there. As I suggested before, simply arrange for your top-level script to source the file and you're set. Its contents will be imported into the script and evaluated as shell commands.

So simply make your password file like this:
Code:
name=username
pass=password
Then near the top of your main script add something like this:
Code:
#!/bin/bash

passfile=/path/to/passwordfile.txt

if [[ -r $passfile ]] ; then
     . "$passfile"
else
     echo "Password file not found or not readable."
     exit 1
fi

#for testing only:
echo "$name"
echo "$pass"
If the variables need to be read by subprocesses of the master script, you may need to add a line to export them as well.
 
2 members found this post helpful.
Old 07-29-2011, 09:59 AM   #7
irey
Member
 
Registered: Jun 2008
Location: Torino, Italy
Posts: 66

Original Poster
Rep: Reputation: 17
Ok, that works . I'll also add a check so that the master script can only be executed as a standalone process (i.e. no "source script.sh"). That will ensure the environment is properly destroyed at the end.

Thank you!
 
Old 07-29-2011, 01:35 PM   #8
devnull10
Member
 
Registered: Jan 2010
Location: Lancashire
Distribution: Slackware Stable
Posts: 553

Rep: Reputation: 116Reputation: 116
Oracle uses this method for executing scripts via concurrent requests in E-Business Suite. Three is a slight flaw though in that if you cause the request to fail then view the log, it dumps the environment vars into there - including the apps password! ooops...
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Storing table in variable DeepSeaNautilus Linux - Software 5 04-04-2009 02:45 PM
Storing part of a filename as a variable VTGuitarMan Programming 5 03-12-2008 07:47 AM
setting proxy username and password in environment variable maveickstorm Linux - Networking 2 11-21-2006 01:20 PM
storing output of sed in a variable in shell script Fond_of_Opensource Linux - Newbie 1 11-09-2006 04:57 AM
storing octal value in char variable hubabuba Programming 1 04-17-2006 01:53 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 01:09 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration