Newsgroups: php.internals Path: news.php.net Xref: news.php.net php.internals:102091 Return-Path: Mailing-List: contact internals-help@lists.php.net; run by ezmlm Delivered-To: mailing list internals@lists.php.net Received: (qmail 85615 invoked from network); 3 May 2018 23:49:44 -0000 Received: from unknown (HELO lists.php.net) (127.0.0.1) by localhost with SMTP; 3 May 2018 23:49:44 -0000 Authentication-Results: pb1.pair.com smtp.mail=diogo86@gmail.com; spf=pass; sender-id=pass Authentication-Results: pb1.pair.com header.from=diogo86@gmail.com; sender-id=pass Received-SPF: pass (pb1.pair.com: domain gmail.com designates 209.85.216.180 as permitted sender) X-PHP-List-Original-Sender: diogo86@gmail.com X-Host-Fingerprint: 209.85.216.180 mail-qt0-f180.google.com Received: from [209.85.216.180] ([209.85.216.180:40589] helo=mail-qt0-f180.google.com) by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP id 44/79-32200-710ABEA5 for ; Thu, 03 May 2018 19:49:44 -0400 Received: by mail-qt0-f180.google.com with SMTP id h2-v6so25273813qtp.7 for ; Thu, 03 May 2018 16:49:43 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=GmZLrlL9PR1tjxwOAJbpEh3U93kj/84CVFXIZk/pioc=; b=pL3SeoGmexvEo9R8YwRhhkDmW4z8v8guH1lTWyWE5Mbrk4R0JqCxwGYaOaHWTLJ9CV lKf/f7kU3/7Ce7tXWJI1cc4fwM3e1D3HKwHVRcJcrUDoxWerPOaoW+2XXdHZDiCMzZIR S0ne4NjKWz7odyKkoiFtLdEtBfIv5W/RKRK616OMBhHGg/iXL8N9ug4uIZehzE1Y+YX5 P6WaDgdWACe4yDnQanKNYcMbwTTmfcHWlfdtMbSIMiMuDvnIzD5Ia31/tR5//lMZPenl M5eHBrjnWPZpuSvr7oY9D6q7XlBZgJFXyCHAHysUEMgTo3AL9ztpIHNdOivyK6vgdFph 6LQQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=GmZLrlL9PR1tjxwOAJbpEh3U93kj/84CVFXIZk/pioc=; b=OGogMdWTtR2rgN/xpaN3BsFSSAwmfeFQgUX/I6yYmFaNlfBlpg4v6AfiFBg3/meRKK 6fhm6x3mC6H8UOHSbY5sINtLmaXJfrdYINOTxb4wzvb7PTCg7VEOMxdGusgWyDOXD15u KBSQOPeN43lyHfKXKJHGJEG9EowWH5BlGW0mRmUZXk90aWmG6xuxk7QyR6OJsUbtSa+l of8mIZPybo/UJiOojmFm7TPvuPlvcrVpYIFfIpeL07Qonw9ZVvXRusMIEh3G4BPY6fpL VJ0S9TJEWUsKFjdg0tmyS1STL6/gE8YxfPoOeQnybrUlT63EcRiIdu3Cjjsk9jssPlCn TeDg== X-Gm-Message-State: ALQs6tCERjODx8Qt5Jt6RLbQpPRxVom2x89eG4BS30f0B206fiiLxxOU c/dKuusfkoMTrc1xHceYE7zZaSMJWQTWG1nY1nk= X-Google-Smtp-Source: AB8JxZpynW2144yFDEIGSp4w0u6zi5iqODuihXQu9CYYbyeViEzjrioHroHTFYsxeWBBWExE+Bg2PFGoGJctltHKwZA= X-Received: by 2002:ac8:2c56:: with SMTP id e22-v6mr22370272qta.74.1525391381135; Thu, 03 May 2018 16:49:41 -0700 (PDT) MIME-Version: 1.0 Received: by 10.200.8.2 with HTTP; Thu, 3 May 2018 16:49:40 -0700 (PDT) In-Reply-To: References: Date: Thu, 3 May 2018 20:49:40 -0300 Message-ID: To: Tom Van Looy Cc: PHP internals Content-Type: text/plain; charset="UTF-8" Subject: Re: [PHP-DEV] More secure credentials storage From: diogo86@gmail.com (Diogo Galvao) 2018-05-03 15:29 GMT-03:00 Tom Van Looy : > Hi ... > The problem I see with this practice is that it is so easy to leak > environment variables. Like if you are running a phpinfo() page somewhere > that is not a very big deal until it contains all your passwords and API > keys in plain text. Jikes! ... > The main intention is to get the credentials out of the environment > variables. You need to setup a connection to a database or API? Get a > password from the secure storage, make the connection and get rid of the > password. Wouldn't it be more feasible to assign the environment variables locally then clear them from the environment for the rest of the process? $password = getenv("PASSWORD"); var_dump($password); putenv("PASSWORD="); $password = getenv("PASSWORD"); var_dump($password); phpinfo(); The manual of getenv() does warn that "If PHP is running in a SAPI such as Fast CGI, this function will always return the value of an environment variable set by the SAPI, even if putenv() has been used to set a local environment variable of the same name." And there's also apache_getenv() and apache_setenv() to worry about. But if the point is to avoid accidental leaks, you may want to tackle the problem from this perspective instead of using a new env mechanism.