On Mon, 19 Sept 2022 at 04:36, Joerg Sonnenberger <jo...@bec.de> wrote:
> does anyone still know the motivation for SSH_USER_AUTH pointing to a
> file with the data instead of containing it directly?

Authentication data is sensitive and a process's environment variables
can be inspected by any other process on the system, whereas files
have ownership and permission bits that control access.

-- 
Darren Tucker (dtucker at dtucker.net)
GPG key 11EAA6FA / A86E 3E07 5B19 5880 E860  37F4 9357 ECEF 11EA A6FA (new)
    Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.

  • SSH_USER_AUTH Joerg Sonnenberger
    • Re: SSH_USER_AUTH Darren Tucker

Reply via email to