Why is Docker Secrets more secure than environment variables?

Tagged: docker


Because secrets are encrypted. From the documentation:

Secrets are encrypted during transit and at rest in a Docker swarm. A given secret is only accessible to those services which have been granted explicit access to it, and only while those service tasks are running.

you can also

use Docker secrets to centrally manage this data and securely transmit it to only those containers that need access to it.

The problem with environment variables is that all your passwords and SSH keys are stored in the clear, and every process running with the same privileges as you (or more) also has access to these credentials. On a *nix OS, you can easily read the environment variables of a process with PID <pid> with:

cat /proc/<pid>/environ
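As an added illustration of the answer's point (this is example code, not part of the question, the answer, or Docker itself), the Python script below does two things from a defender's side: it audits a process's environment through /proc/<pid>/environ for variable names that look like they carry credentials, and it shows the file-based pattern Docker secrets use, where the value is read from a file under /run/secrets/<name> (Docker's real mount point inside Linux containers) and never placed in the environment. The password value, the name DB_PASSWORD, the keyword list used for flagging, and the temporary directory standing in for /run/secrets are all constructed for the demo.

```python
import os
import re
import subprocess
import sys
import tempfile

# /proc/<pid>/environ only exists on Linux-style /proc filesystems.
HAVE_PROC = os.path.exists("/proc/self/environ")

# Constructed heuristic: variable names that commonly hold credentials.
SECRET_NAME_PATTERN = re.compile(
    r"(PASSWORD|PASSWD|SECRET|TOKEN|API_KEY|PRIVATE_KEY)", re.IGNORECASE
)


def read_environ(pid):
    """Return the environment of process `pid` as a dict.

    /proc/<pid>/environ holds NUL-separated KEY=VALUE entries and is readable
    by any process running as the same uid (or as root), which is exactly why
    a credential placed there is not private.
    """
    with open(f"/proc/{pid}/environ", "rb") as f:
        raw = f.read()
    env = {}
    for entry in raw.split(b"\0"):
        if not entry:
            continue
        key, sep, value = entry.partition(b"=")
        if sep:
            env[key.decode(errors="replace")] = value.decode(errors="replace")
    return env


def find_exposed_secrets(pid):
    """Audit helper: names of env vars of `pid` that look credential-bearing."""
    return sorted(k for k in read_environ(pid) if SECRET_NAME_PATTERN.search(k))


def load_secret(name, secrets_dir="/run/secrets"):
    """Read a secret the way a container reads a Docker secret: from a file
    under /run/secrets/<name>, not from the environment. Trailing newline is
    stripped because secret files commonly end with one."""
    path = os.path.join(secrets_dir, name)
    with open(path, "r", encoding="utf-8") as f:
        return f.read().strip()


def demo():
    """Spawn a helper process that carries a password in its environment,
    read it back from a sibling process with the same uid, then show the
    file-based alternative. Returns (flagged_names, secret_from_file)."""
    child_env = dict(os.environ, DB_PASSWORD="constructed-example-password")
    child = subprocess.Popen(
        [sys.executable, "-c", "import time; time.sleep(30)"], env=child_env
    )
    try:
        # Popen returns only after the child has exec'd, so its environ is final.
        flagged = find_exposed_secrets(child.pid)
    finally:
        child.kill()
        child.wait()

    # Stand-in for /run/secrets: a temp dir with an owner-read-only file.
    secrets_dir = tempfile.mkdtemp(prefix="fake-run-secrets-")
    secret_path = os.path.join(secrets_dir, "db_password")
    with open(secret_path, "w", encoding="utf-8") as f:
        f.write("constructed-example-password\n")
    os.chmod(secret_path, 0o400)

    return flagged, load_secret("db_password", secrets_dir=secrets_dir)


if __name__ == "__main__":
    if not HAVE_PROC:
        sys.exit("needs a Linux /proc filesystem")
    names, value = demo()
    print("credential-looking env vars readable via /proc:", names)
    print("secret read from file instead of env:", value)
```

Running the script on Linux lists DB_PASSWORD as readable from the child's /proc entry, while the file-based secret reaches the program without ever appearing in any process's environment. The same `find_exposed_secrets` check can be pointed at a running container's processes from the host as a quick audit for credentials that were passed with `-e` or `environment:` instead of as secrets.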