Possible bug/problem with systemctl
Posted: Mon Jan 29, 2018 9:32 am
Hello there,
In almost every documentation online I could read, that the resource.cfg is a good way to store passwords. I needed to store a password for a database user and I just stored my password as a user-variable ($USER5$) in the resource.cfg.
Then I looked into the systemctl status nagios to check if there are any problems. Thats when I noticed, that one of my perl-plugins was listed as a process with its variables fully resolved - which means, the password was written there. This is a bit shocking since everyone can execute the systemctl status nagios and can get the password with almos no effor.
Is there a way to prevent this? Or am I doing it completely wrong?
Greetings
In almost every documentation online I could read, that the resource.cfg is a good way to store passwords. I needed to store a password for a database user and I just stored my password as a user-variable ($USER5$) in the resource.cfg.
Then I looked into the systemctl status nagios to check if there are any problems. Thats when I noticed, that one of my perl-plugins was listed as a process with its variables fully resolved - which means, the password was written there. This is a bit shocking since everyone can execute the systemctl status nagios and can get the password with almos no effor.
Is there a way to prevent this? Or am I doing it completely wrong?
Greetings