Is there any way to create an environment variable that only apache can see?
Or, even better, that only a particular PHP script can see?
How does Gentoo store environment variables? are they just resident in memory?
What I really need is some way to make a password visible to a PHP script I am writing, but to do so such that it vanishes whenever the machine is reset. Ideally it would never get written to disk and would only be accessible from a particular script, say, deriveEncryptionKey.php.
Thoughts on how to do this?
-----------
I don't think a PHP global variable will work. The problem here is that I want something that is resident in memory only, that I can manually enter when the computer starts. For a series of PHP scripts running through Apache I don't see any way for me to manually specify the value of a PHP variable - reading it from a text file or such is an invalid solution because then it has to be resident in the text file.
Were it a command-line app I could just pass it as a command-line argument and then the PHP program could store it as a global variable, but there doesn't seem to be any such notion when running through Apache. Or is there some way to do the equivelent?
I know all solutions are technically insecure, but in any case involving a cryptographic key it has to be present somewhere. I am trying to figure out the best way of making it available to my PHP scripts. Any alternate suggestions will be appreciated.
storing ethereal key? restricted environment variable?
Moderator: General Moderators