feature request: Allow config parser to detect environment variables
relevant code section: https://github.com/posativ/isso/blob/7f55c81e0875e1564eeab8ec6dd605c5699c9137/isso/config.py#L129-L130
See: https://stackoverflow.com/questions/26586801/configparser-and-string-interpolation-with-env-variable
I'd be wary of having Isso be configured from multiple places. For now, it already reads ISSO_SETTINGS to find its own config files.
Having too many possible scenarios of mixed configs and inputs creates an untenable situation for testing. A bug in the parsing of another env variable slipped completely under the radar for that reason; see https://github.com/posativ/isso/issues/720
You'd also have to deal with which config source would take precedence and what to do with duplicates. Parsing env variables, which is untrusted input that potentially any user can set, also creates a bit of a security nightmare.
I'm going to close this for now, unless you have a valid reason for this feature to be implemented.
- Env vars allow people to check config files into version control. I would like to be able to do this, and specify secrets as needed via env vars.
- Env vars are not less secure than reading files. Neither method provides security if the system is compromised. Only the user and root can see them, unlike files and directories which also need to be managed via permissions.
- Env vars take priority over files typically. Just pick one and state it in the documentation. Allowing interpolation in the config file itself solves this issue.
- "Parsing env variables, which is untrusted input that potentially any user can set": The vast majority of the computing world is completely unsecure, then. Just about every service that I use allows config setting via env vars.
Not allowing env vars doesn't provide any additional security if the system is compromised, and it makes it harder for system administration because I can't check the config into source control systems so I have to manage it by hand every time I (re)install isso (via docker, etc).
Having thought about this a bit, your arguments convince me. Would you like to submit a PR that introduces such ways of configuring Isso?
Related: https://github.com/posativ/isso/issues/763
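
Added example, not part of the thread and not Isso's own code: one way to get the "interpolation in the config file itself" approach discussed above with Python's standard `configparser`, so the file remains the only config source and environment values are read only where the file references them. The `${env:NAME}` syntax, the `ISSO_` allow-list prefix, and the names `EnvInterpolation`, `load_config` and `SAMPLE` are assumptions made for illustration.

```python
import configparser
import os
import re

# Placeholder syntax assumed for this example: ${env:NAME}
_ENV_REF = re.compile(r"\$\{env:([A-Za-z_][A-Za-z0-9_]*)\}")


class EnvInterpolation(configparser.Interpolation):
    """Expand ${env:NAME} only where the file asks for it, and only for
    names carrying an allow-listed prefix (hypothetical: ISSO_)."""

    def __init__(self, environ, prefix="ISSO_"):
        self.environ = environ
        self.prefix = prefix

    def before_get(self, parser, section, option, value, defaults):
        def expand(match):
            name = match.group(1)
            if not name.startswith(self.prefix):
                raise configparser.InterpolationError(
                    option, section, f"{name} is outside the {self.prefix}* allow-list")
            if name not in self.environ:
                # Fail closed: an unset secret must not become an empty string.
                raise configparser.InterpolationError(
                    option, section, f"{name} is not set")
            return self.environ[name]
        return _ENV_REF.sub(expand, value)


def load_config(text, environ=None):
    """Parse config text; the file stays the single source of truth."""
    environ = os.environ if environ is None else environ
    parser = configparser.ConfigParser(interpolation=EnvInterpolation(environ))
    parser.read_string(text)
    return parser


# Constructed sample config, safe to commit: it holds no secret.
SAMPLE = """\
[general]
dbpath = /var/lib/isso/comments.db
[smtp]
username = isso
password = ${env:ISSO_SMTP_PASSWORD}
"""

if __name__ == "__main__":
    cfg = load_config(SAMPLE, {"ISSO_SMTP_PASSWORD": "constructed-secret"})
    print(cfg.get("smtp", "password"))
```

Because expansion happens in `before_get`, precedence never has to be decided: a value comes from the environment only if the committed file says so, and a reference to an unset or non-allow-listed variable raises instead of yielding an empty or unexpected value.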