Credentials (and Co) shouldn't be stored in environment variables

kojq / gal

Install Arch Linux (CachyOS) with a favorable graphical experience.

MIT License

3 stars 0 forks source link

Closed kojq closed 5 months ago

kojq commented 1 year ago

Cases of undesirable information gain:

Someone can access the variables
Someone can access it when the environment variables are displayed in plain text

kojq commented 1 year ago

The password should be directly fed into chpasswd within chroot.

kojq commented 5 months ago

features related to scripting are no longer important (as switching distros is plausible), so close #11 as well.