sphericth0r@kbin.socialtoSelfhosted@lemmy.world•Disclosure of sensitive credentials and configuration in containerized deployments - ownCloud
1·
1 year agoThat’s just as insecure lol, env vars are far better
That’s just as insecure lol, env vars are far better
No that’s the case in the US too. I never ask why my employee wants time off, I don’t need to know any more about their personal lives, they tell me too much already…
I think that’s the point, the people who care about things like the API changes have already made the migration, the rest of the losers stuck there in rubbit don’t matter to us, and as other posters noted this is likely the group of people is productive. Who cares. Leave them behind.
Not sure what this vast collection of resources is that you’re pining over. Theeye, among the vast majority of actual piracy resources, were never really on rubbit anyway…
It’s probably best to look at what the devops industry is embracing, environment variables are as secure as any of the alternatives but poor implementations will always introduce attack vectors. Secret management stores require you to authenticate, which requires you to store the credential for it somewhere - no matter what there’s no way to secure an insecure implementation of secrets access