diff options
| author | Lennart Poettering <lennart@poettering.net> | 2018-11-13 23:09:32 +0100 |
|---|---|---|
| committer | Evgeny Vereshchagin <evvers@ya.ru> | 2018-11-14 09:12:49 +0300 |
| commit | 438311a5181ccf6e12a6a0a976bb8b5853b9be12 (patch) | |
| tree | 1f5ba9b90ccc94c0ee027592eefff6508afa2776 /man | |
| parent | 06bd149a71b20bdbf8032aa7f34c607dd0d499ee (diff) | |
| download | systemd-438311a5181ccf6e12a6a0a976bb8b5853b9be12.tar.gz | |
man: document that env vars are not suitable for passing secrets
Prompted by the thread around:
https://lists.freedesktop.org/archives/systemd-devel/2018-November/041665.html
Diffstat (limited to 'man')
| -rw-r--r-- | man/systemd.exec.xml | 8 |
1 files changed, 7 insertions, 1 deletions
diff --git a/man/systemd.exec.xml b/man/systemd.exec.xml index 3f0535726b..41b5d7144d 100644 --- a/man/systemd.exec.xml +++ b/man/systemd.exec.xml @@ -1645,7 +1645,13 @@ SystemCallErrorNumber=EPERM</programlisting> <para> See <citerefentry project='man-pages'><refentrytitle>environ</refentrytitle><manvolnum>7</manvolnum></citerefentry> for details - about environment variables.</para></listitem> + about environment variables.</para> + + <para>Note that environment variables are not suitable for passing secrets (such as passwords, key material, …) + to service processes. Environment variables set for a unit are exposed to unprivileged clients via D-Bus IPC, + and generally not understood as being data that requires protection. Moreover, environment variables are + propagated down the process tree, including across security boundaries (such as setuid/setgid executables), and + hence might leak to processes that should not have access to the secret data.</para></listitem> </varlistentry> <varlistentry> |