chatgpt-retrieval-plugin icon indicating copy to clipboard operation
chatgpt-retrieval-plugin copied to clipboard

Published 20 hours ago verified publisher icon openai

Security: add option to not pass secrets as environment variables

Open happysalada opened this issue 1 year ago • 1 comments

hey, great service here, thank you!

In terms of security , passing secrets as environment variable isn't great as other processes have access to the environment. The best practice here is to use paths for secrets (docker can load secrets from paths with docker secrets).

Would it be possible to read secrets from an env variable pointing to a path ? So for example instead of the env var being BEARER_TOKEN it would be BEARER_TOKEN_PATH and the app would then do a readfile on it.

I can understand that this can be a pain, but I just thought it might be good to ask anyways.

happysalada avatar Mar 31 '23 15:03 happysalada

I personally just added them in a .env file

knoel99 avatar Jun 30 '23 10:06 knoel99