Open c0c0n3 opened 3 months ago
We could reimplement our vault to serve secrets over a Unix socket connected to systemd's new credentials facility. This way we won't need to ever store unencrypted data on a filesystem, not even a RAM-backed one.
See:
We could reimplement our vault to serve secrets over a Unix socket connected to systemd's new credentials facility. This way we won't need to ever store unencrypted data on a filesystem, not even a RAM-backed one.
See: