Sunday 05 July 2026 02:20:40 GMT+02:00

Netcrook

HomeManifesto
News
Techcrook
Geocrook
WikicrookTeamAppContact
EnglishItalianoArabic

WIKICROOK

Environment variables

Process-level values often used for configuration and, sometimes, sensitive secrets.

Environment variables are process-level name-and-value pairs that programs read at runtime for configuration. They are inherited by child processes, which makes them a convenient way to pass settings such as file paths, feature flags, API endpoints, and credentials without hardcoding them into source code. In security work, that convenience is also the danger: a variable meant for configuration may contain a password, token, or private key.

Attackers look for environment variables because they can reveal secrets to any process that can read the runtime context, dump memory, inspect child-process state, or exploit command execution. In tools that run code or shell commands, a breakout can turn ordinary configuration access into secret exposure. Defenders reduce this risk by keeping secrets in dedicated vaults, minimizing inheritance, avoiding logging of variables, and using least privilege so only the intended process can see sensitive values.

← WIKICROOK index