Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Environment variables are inherited by container #2

Open
charles-l opened this issue Oct 21, 2020 · 2 comments
Open

Environment variables are inherited by container #2

charles-l opened this issue Oct 21, 2020 · 2 comments

Comments

@charles-l
Copy link

For my usecase at least, it would be useful to have an option to clear the environmental variables for the container like docker containers do...

This is probably considered an enhancement (but could also be considered a security improvement if users are carrying around secrets in their envs). I might take a crack at implementing it if I have a bit of time soon.
@anordal
Copy link
Owner

anordal commented Oct 22, 2020

You are welcome to implement this, but as a user, you can always wrap your command in env -i.

@charles-l charles-l mentioned this issue Jan 16, 2021
Open
@charles-l
Copy link
Author

Great! Better to not add additional code if it's not needed. I opened a PR to add an example of env -i to the README.

The only other concern I have is from a security perspective. Assuming I have a secret an environment variable, and a malicious env binary in the container, the env binary could potentially steal the secret, right? If that's the case, I'll update the README with a warning.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@charles-l @anordal