stackoom
  简体   繁体   中英

Is there any security advantage to mounting secrets as a file instead of passing them as environment variables with Docker on Kubernetes?

 原文  2019-04-10 19:31:51       docker/ security/ kubernetes

Question

With Docker, there is discussion (consensus?) that passing secrets through runtime environment variables is not a good idea because they remain available as a system variable and because they are exposed with docker inspect.

In kubernetes, there is a system for handling secrets, but then you are left to either pass the secrets as env vars (using envFrom) or mount them as a file accessible in the file system.

Are there any reasons that mounting secrets as a file would be preferred to passing them as env vars?

I got all warm and fuzzy thinking things were so much more secure now that I was handling my secrets with k8s. But then I realized that in the end the 'secrets' are treated just the same as if I had passed them with docker run -e when launching the container myself.

3 answers

solution1
 5 ACCPTED  2019-04-10 19:52:08

Environment variables aren't treated very securely by the OS or applications. Forking a process shares it's full environment with the forked process. Logs and traces often include environment variables. And the environment is visible to the entire application as effectively a global variable.

A file can be read directly into the application and handled by the needed routine and handled as a local variable that is not shared to other methods or forked processes. With swarm mode secrets, these secret files are injected a tmpfs filesystem on the workers that is never written to disk.

Secrets injected as environment variables into the configuration of the container are also visible to anyone that has access to inspect the containers. Quite often those variables are committed into version control, making them even more visible. By separating the secret into a separate object that is flagged for privacy allows you to more easily manage it differently than open configuration like environment variables.

solution2
 1  2019-04-10 19:54:24

Yes , since when you mount the actual value is not visible through docker inspect or other Pod management tools. More over you can enforce file level access at the file system level of the Host for those files.

More suggested reading is here Kubernets Secrets

solution3
 0  2019-04-10 19:52:44

Secrets in Kearse used to store sensitive information like passwords, ssl certificates.

You definitely want to mount ssl certs as files in container rather sourcing them from environment variab les.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question passing in environment variables into docker running in kubernetes Docker secrets passing as environment variable Passing environment variables not working with Docker Passing jenkins secrets file to docker image run Passing environment variables to Docker containers Passing in environment variables into docker file that is build via a compose yaml Why is Docker Secrets more secure than environment variables? Should I use user-secrets or environment variables with docker Encrypting Databases: Secret in Environment Variables vs Docker Secrets? How to pass secrets as environment variables into a Docker Github Action?
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM