Security issue with aesbackend.go environment variable

The `-encrypt` option introduced in https://github.com/muesli/beehive/pull/295 allows the config file to be encrypted via the `BEEHIVE_CONFIG_PASSWORD` environment variable:

https://github.com/muesli/beehive/blob/57a4fabd506def6a9be960839466fce271771f58/cfg/aesbackend.go#L225-L239

In general, using an environment variable for a password is more secure than using a command line argument, with one caveat:

You need to *unset the variable* after reading it. Otherwise it will leak into *any process that beehive spawns directly or indirectly* and *any library that is used by the bees*, which is a security risk.

	func getPassword(u *url.URL) (string, error) {
	p := os.Getenv(PasswordEnvVar)
	if p != "" {
	return p, nil
	}

	if u != nil && u.User != nil {
	p = u.User.Username()
	if p != "" {
	return p, nil
	}
	}

	return "", errors.New("password to encrypt or decrypt the config file not available")
	}

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Uh oh!

Security issue with aesbackend.go environment variable #362

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

Uh oh!

Security issue with aesbackend.go environment variable #362

Description

Metadata

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

Issue actions