Hacker News new | past | comments | ask | show | jobs | submit login

Well, sure, you shouldn't be putting secrets or other sensitive data in environment variables. But garden-variety configuration is fine to put in env vars. Seems like whoever assigned you this task didn't really know what they were doing.



Oops, I've been putting secrets in environment variables since I can remember. Your comment piqued my curiousity on why this is a bad idea.

Found this:

https://diogomonica.com/2017/03/27/why-you-shouldnt-use-env-...

https://security.stackexchange.com/questions/197784/is-it-un...




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: