Hi
I ended up in a discussion about using secure password storage today and
started thinking about solutions for the problem. Some frameworks suggest
putting all kinds of credentials in environment variables. This practice
seems to originate from a recommendation on 12factor.net.
The problem I se
2018-05-03 15:29 GMT-03:00 Tom Van Looy :
> Hi
...
> The problem I see with this practice is that it is so easy to leak
> environment variables. Like if you are running a phpinfo() page somewhere
> that is not a very big deal until it contains all your passwords and API
> keys in plain text. Jikes!
