muquit / mailsend-go

mailsend-go is a multi-platform command line tool to send mail via SMTP protocol

Password leak through command line #30

Closed gaebor closed 4 years ago

gaebor commented 4 years ago

Sender username and password are provided via command line parameters which are visible to other users. See: https://unix.stackexchange.com/questions/298178/hide-arguments-of-commands-in-ps

It would be nice to provide authentication information with a file or something.

muquit commented 4 years ago

mailsend-go supports the environment variable SMTP_USER_PASS for the password instead of the -pass flag. Thanks.

gaebor commented 4 years ago

But environment variables are also exposed to non-root users under /proc/<pid>/environ

muquit commented 4 years ago

Environments are exposed for all users in /proc/pid/environ but can be accessed if a user has read permission to it. root can access it for any user of course. There is no escape from root. Question is where to draw the line? I can probably add an option to read from stdin in a future release. Thanks.

gaebor commented 4 years ago

Thx, I forgot that. This should work.
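An added example, not mailsend-go code and not written by either commenter: one way a Go CLI can take the password from stdin or from a file, as the thread suggests, so it appears neither in `ps` output nor in the process environment. The helper names `readSecret` and `readSecretFile` are hypothetical, and the mode check assumes Unix-style permission bits.

```go
package main

import (
	"bufio"
	"errors"
	"fmt"
	"io"
	"os"
	"strings"
)

// readSecret (hypothetical) reads one line from r, e.g. os.Stdin, as the password.
func readSecret(r io.Reader) (string, error) {
	line, err := bufio.NewReader(r).ReadString('\n')
	if err != nil && !errors.Is(err, io.EOF) {
		return "", err
	}
	secret := strings.TrimRight(line, "\r\n")
	if secret == "" {
		return "", errors.New("empty secret")
	}
	return secret, nil
}

// readSecretFile (hypothetical) refuses a file that group or other can access.
func readSecretFile(path string) (string, error) {
	f, err := os.Open(path)
	if err != nil {
		return "", err
	}
	defer f.Close()
	info, err := f.Stat() // stat the opened handle, not the path, to avoid a race
	if err != nil {
		return "", err
	}
	if perm := info.Mode().Perm(); perm&0o077 != 0 {
		return "", fmt.Errorf("%s has mode %04o, want 0600 or stricter", path, uint32(perm))
	}
	return readSecret(f)
}

func main() {
	pw, err := readSecret(os.Stdin)
	if err != nil {
		fmt.Fprintln(os.Stderr, "error:", err)
		os.Exit(1)
	}
	fmt.Printf("read a %d-byte secret from stdin\n", len(pw))
}
```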