Back in the days when an entire department would share something like a VAX and think themselves lucky, the advance was never to let secrets *rest* in your address space any longer than you had to. Bring the secret into memory just the instant before you need it, use it, then scrub that area of memory. You might want to put the credentials on a thumb drive which is plugged in only when needed, I've generally found it better for environment variables to contain file names pointing to configuration files than to have then hold the configuration information directly.
On Wed, 17 Jan 2024 at 22:31, Norbert Hartl <norb...@hartl.name> wrote: > > > > > Am 17.01.2024 um 05:27 schrieb sergio ruiz <sergio....@gmail.com>: > > > > Hi, all. > > > > One of my projects logs in to Spaces (Digital Ocean’s version of S3). I > > need to be able access the credentials, but I don’t want to store them in > > the source code, as I will be using Github to store the projects. > > > > Is there an accepted way to do this (encryption)? > > > > Should I store them on the system as environment variables? is this > > efficient? > > One of the usualy ways especially on unix systems is to hand credentials in > via the process environment. If you execute > > OSEnvironment current at: ‚SHELL' > > in a playground you should see somthing like ‚/bin/bash‘. So when starting > the process you just need to specify the environment variables so that pharo > can access it. If you use docker there is a way to specify that easily. > > Norbert
