Przeglądaj źródła

soften environment security warning to a note, and cross-ref to avoid dupe

Antoine Beaupré 10 lat temu
rodzic
commit
de9e9d14b7
2 zmienionych plików z 12 dodań i 8 usunięć
  1. 9 4
      docs/faq.rst
  2. 3 4
      docs/quickstart.rst

+ 9 - 4
docs/faq.rst

@@ -81,10 +81,15 @@ automated encrypted backups. Another option is to use
 key file based encryption with a blank passphrase. See
 :ref:`encrypted_repos` for more details.
 
-.. caution:: When passing the passphrase through the environment, the
-             passphrase can be read by any user on the same system, so
-             the use of this technique is strongly discouraged on
-             multi-user systems.
+.. _password_env:
+.. note:: Be careful how you set the environment; using the ``env``
+          command, a ``system()`` call or using inline shell scripts
+          might expose the credentials in the process list directly
+          and they will be readable to all users on a system. Using
+          ``export`` in a shell script file should be safe, however, as
+          the environment of a process is `accessible only to that
+          user
+          <http://security.stackexchange.com/questions/14000/environment-variable-accessibility-in-linux/14009#14009>`_.
 
 When backing up to remote encrypted repos, is encryption done locally?
 ----------------------------------------------------------------------

+ 3 - 4
docs/quickstart.rst

@@ -150,10 +150,9 @@ by providing the correct passphrase.
 For automated backups the passphrase can be specified using the
 `BORG_PASSPHRASE` environment variable.
 
-.. caution:: When passing the passphrase through the environment, the
-             passphrase can be read by any user on the same system, so
-             the use of this technique is strongly discouraged on
-             multi-user systems.
+.. note:: Be careful about how you set that environment, see
+          :ref:`this note about password environments <password_env>`
+          for more information.
 
 .. important:: The repository data is totally inaccessible without the key:**
     Make a backup copy of the key file (``keyfile`` mode) or repo config