undefined | Better HN

0 pointstinus_hn6y ago0 comments

Much of it is api keys they would distribute in the deployed app anyway. Not really ‘secret’.

0 comments

That’s how it starts though. If everything is provided at deploy and nothing is ever embedded in source code there’s no way you can end up in this situation.

In some industries it’s also an audit or legal requirement that developers not have access to production credentials, so there’s no other way to reasonably handle that.

Edit: also, rebuilding your source because an API key changed... no thanks.

tinus_hnOP6y ago

The choices are:

1. api key is publicly readable in a configuration files you ship

2. api key is compiled into the binary you ship.

There is only obfuscation. Then again api keys are not security keys.

chrismeller6y ago

But literally in this case it was security keys.

Even including an API key into the binary build is avoidable. Add an OAuth-style negotiation for the key as the first startup process.

Start digging deeper and there are fewer and fewer reasons.

2 more replies

tracker16y ago

3. API key is in an environment variable configured IN the environment.

4. You use a secret service that has pk or secure access from the service machine to retrieve secure configs/settings from.

j / k navigate · click thread line to collapse

0 comments

chrismeller6y ago

That’s how it starts though. If everything is provided at deploy and nothing is ever embedded in source code there’s no way you can end up in this situation.

In some industries it’s also an audit or legal requirement that developers not have access to production credentials, so there’s no other way to reasonably handle that.

Edit: also, rebuilding your source because an API key changed... no thanks.

tinus_hnOP6y ago

The choices are:

1. api key is publicly readable in a configuration files you ship

2. api key is compiled into the binary you ship.

There is only obfuscation. Then again api keys are not security keys.

chrismeller6y ago

But literally in this case it was security keys.

Even including an API key into the binary build is avoidable. Add an OAuth-style negotiation for the key as the first startup process.

Start digging deeper and there are fewer and fewer reasons.

2 more replies

tracker16y ago

3. API key is in an environment variable configured IN the environment.

4. You use a secret service that has pk or secure access from the service machine to retrieve secure configs/settings from.

j / k navigate · click thread line to collapse