Hacker News new | past | comments | ask | show | jobs | submit login

Now that process has to get its secret from somewhere. At some point, you're just recapitulating the design of Hashicorp Vault. But even if you're using Vault, you're most likely injecting secrets as environment variables.



Belonging to a different user*

It can get it from a file that isn't readable by the user that runs remote-accessible code.




Consider applying for YC's W25 batch! Applications are open till Nov 12.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: