I want to use rclone to mount a Google Drive with a script stored on a USB disk which will be removed immediately after the script is executed.
With help of ncw and asdffdsa, I found that making the config on the fly could be the solution.
I tried to mount my Google Drive this way and everything works fine.
While before I am going to use this method, I have some security concerns.
To my understanding, it's going to expose some sensitive info, e.g. client secret and sa credential, to shell environment variable.
I am not a coder so I don't have comprehensive understanding of how shell works.
Therefore, could anyone tell me would this really causes security issues, and is there any way to fix/improve this?
Thanks in advance!
Run the command 'rclone version' and share the full output of the command.
- os/version: Microsoft Windows 10 Pro for Workstations 21H2 (64 bit)
- os/kernel: 10.0.19044.1682 (x86_64)
- os/type: windows
- os/arch: amd64
- go/version: go1.17.9
- go/linking: dynamic
- go/tags: cmount
Which cloud storage system are you using?
The command you were trying to run (eg rclone copy /tmp remote:tmp)
I made a remote with environment variables and the variables remain there after the remote is created, just like asdffdsa's case.
You mentioned, "Rclone could delete the environment variables once it has read then I suppose". Could you tell me how to do this, maybe add certain flags or...?
By the way, is it possible to delete environment variables by another program (windows and linux - I mainly use debian)?
I would also support the idea to add a feature of deleting the environment variables.
Probably I should use an encrypted rclone config file.
But I still have two questions.
First, since I am using a service account but not a token, rclone is not going to update the config file automatically, is it?
Second, if it's on linux, e.g. debian, is it possible to to delete environment variables by another program?