alt Hacker NewsThere is -- you can expose a UNIX socket for serving credentials and allow access to it only from a whitelist of systemd services.
Replies
lemagedurage • today at 10:37 AM
That works on a single persistent box, but unfortunately, that means giving up on autoscaling, which is not so nice for cloud applications.
They would still exist in plaintext, just the permissions would make it a little harder to access.