Hacker News | burnished's comments

There isn't really a way around it.

There is -- you can expose a UNIX socket for serving credentials and allow access to it only from a whitelist of systemd services.

They would still exist in plaintext, just the permissions would make it a little harder to access.

No, UNIX sockets work over SSL too.

You can, theoretically, decompile the system memory dump and try to mine the credentials out of the credential server's heap, but that exploit is exponentially more difficult to do than a simple `cat /proc/1234/environ`.
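
One way to enforce the "whitelist of systemd services" described above, added here as an illustration and not code from any commenter: the server reads the peer PID with Linux `SO_PEERCRED` and maps it to a systemd unit through `/proc/<pid>/cgroup`. The choice of mechanism and the unit names are assumptions; the thread does not say how the whitelist is implemented.

```python
import socket
import struct

# Constructed allow-list; these unit names are hypothetical.
ALLOWED_UNITS = {"billing-api.service", "report-worker.service"}

def peer_credentials(conn):
    """(pid, uid, gid) of the connecting process, as recorded by the kernel."""
    size = struct.calcsize("3i")
    raw = conn.getsockopt(socket.SOL_SOCKET, socket.SO_PEERCRED, size)
    return struct.unpack("3i", raw)

def unit_from_cgroup(cgroup_text):
    """System unit named in /proc/<pid>/cgroup content, or None."""
    for line in cgroup_text.splitlines():
        fields = line.split(":", 2)
        if len(fields) != 3 or fields[1] not in ("", "name=systemd"):
            continue  # not the unified (v2) or systemd (v1) hierarchy
        parts = fields[2].split("/")
        # Only trust /system.slice: a user unit under /user.slice can
        # reuse an allowed unit's name.
        if parts[:2] != ["", "system.slice"]:
            return None
        # First *.service component is the unit; deeper ones may be
        # sub-cgroups created by the service itself.
        return next((p for p in parts[2:] if p.endswith(".service")), None)
    return None

def authorize(conn, allowed=ALLOWED_UNITS):
    """True if the peer of an accepted AF_UNIX connection runs in an allowed unit."""
    pid, _uid, _gid = peer_credentials(conn)
    try:
        # The pid was captured at connect(); if that process has exited the
        # number may be reused, so treat this as one layer, not proof.
        with open(f"/proc/{pid}/cgroup") as fh:
            return unit_from_cgroup(fh.read()) in allowed
    except OSError:
        return False
```

The server would call `authorize(conn)` on each connection returned by `accept()` and close it without answering when the result is `False`.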


That works on a single persistent box, but unfortunately, that means giving up on autoscaling, which is not so nice for cloud applications.

You can proxy the UNIX socket to a network server if you want to. You can even use SSL encryption at all times too.

Once it's networked you lose the "whitelist of systemd services" and it's then no different from any networked secret store.

No, this is a solved problem: https://spiffe.io/

You can do service attestation securely, even for networked services.


Run your own servers so the .env isn't shared with your hosting provider?

I love how you can tell something was generated because it comes out clear and using many of the important writing fundamentals we were all taught.

All I know is that when a class starts with 'elementary' or 'fundamentals of' you had best buckle up.

Algebraic too.

There's also the opposite in physics though, "modern" means from the 60s with square roots drawn in manually.


Introduction to ...

That's code for 101.

No. It's code for the thickest, densest book on the subject that you're ever gonna not read, as it actually assumes you're experienced in the subject and goes into everything except intro level topics.

See e.g. Petzold, et al.


I'm getting flashbacks to Spivak, who wrote a 2000 page "introduction" to differential geometry.

To be fair to Spivak, he did say it was a comprehensive introduction. :)

Think I'd be ok with a year and a half halt for things in general every now and again.

I think this is a good perspective for problem solving generally - just establishing a simple (ideally effective, if not then call it naive) standard of comparison to base further decisions off of.

They gave enough detail that it's clear from context what 'had to' meant.


Motherfucker you try to take my fork while I'm eating and you're going to get a stabbed hand. Are forks addicting?


You may be a bit emotionally invested in this topic if you feel you're getting a lot of information from that exchange.


Why do you think so?


Simply because it was an information poor exchange.


Because you’ve posted a dozen times here and it seems to be about the only topic you post on.


What topic do you mean?


What topic do you think? I was in another thread and saw someone post this completely independent of me noticing it:

“There's definitely some people working overtime to overhype AI on here. like 50% of the comments on this are from simianwords who only posts when people say negative AI sentiments.”


It is absolutely one of the better benefits of this forum


Title is misleading, there is an open discussion on the topic with someone raising valid points and a clear escalation method that involves a vote from another group.

