diff --git a/docs/faq.rst b/docs/faq.rst index c1745a130..d98d26258 100644 --- a/docs/faq.rst +++ b/docs/faq.rst @@ -81,10 +81,15 @@ automated encrypted backups. Another option is to use key file based encryption with a blank passphrase. See :ref:`encrypted_repos` for more details. -.. caution:: When passing the passphrase through the environment, the - passphrase can be read by any user on the same system, so - the use of this technique is strongly discouraged on - multi-user systems. +.. _password_env: +.. note:: Be careful how you set the environment; using the ``env`` + command, a ``system()`` call or using inline shell scripts + might expose the credentials in the process list directly + and they will be readable to all users on a system. Using + ``export`` in a shell script file should be safe, however, as + the environment of a process is `accessible only to that + user + `_. When backing up to remote encrypted repos, is encryption done locally? ---------------------------------------------------------------------- diff --git a/docs/quickstart.rst b/docs/quickstart.rst index ff3aa80ea..19ac429b4 100644 --- a/docs/quickstart.rst +++ b/docs/quickstart.rst @@ -150,10 +150,9 @@ by providing the correct passphrase. For automated backups the passphrase can be specified using the `BORG_PASSPHRASE` environment variable. -.. caution:: When passing the passphrase through the environment, the - passphrase can be read by any user on the same system, so - the use of this technique is strongly discouraged on - multi-user systems. +.. note:: Be careful about how you set that environment, see + :ref:`this note about password environments ` + for more information. .. important:: The repository data is totally inaccessible without the key:** Make a backup copy of the key file (``keyfile`` mode) or repo config
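Review bot: In the docs/faq.rst hunk, the sentence "Using ``export`` in a shell script file should be safe" leaves out that the script file now holds the passphrase in clear text, so it is only as safe as the file's permissions. Suggest adding that the script must be readable only by the user running the backup. The claim that the environment is "accessible only to that user" should also mention root, and that every child process started from that shell inherits the variable. Since this replaces a ``caution`` with a ``note``, consider keeping the stronger directive so the remaining risk on multi-user systems is still visible. As shown here, the external link after "accessible only to that user" has no URL before the closing `` `_ ``, which would not render as a link.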
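Review bot: In the docs/quickstart.rst hunk, the ``:ref:`` role in the added note has link text but, as shown, no target in angle brackets. A label that does not sit directly before a section title only resolves when the role carries both an explicit title and the label name, so it should name the ``password_env`` label that the docs/faq.rst hunk adds. The quickstart also loses its only inline statement of the risk; a reader who does not follow the link sees just "Be careful about how you set that environment", so consider keeping one sentence here saying that the passphrase can end up visible in the process list.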