👉 Overview
👀 What ?
Environment variables are a set of dynamic named values that can affect the way running processes will behave on a computer. They are part of the environment in which a process runs. For example, a running process can query the value of the TEMP environment variable to discover a suitable location to store temporary files, or the HOME or USERPROFILE variable to find the directory structure owned by the user running the process.
🧐 Why ?
Understanding environment variables is important because they can provide valuable information about the system, the software installed, the system paths, and potentially sensitive information about the system configuration. From a cybersecurity perspective, they can be used to find vulnerabilities, misconfigurations or sensitive information disclosure.
⛏️ How ?
To list all the environment variables on a Linux or Mac system, you can use the 'printenv' command in the terminal. On Windows, you can use the 'set' command in the command line. To get the value of a specific variable, you can use 'echo $VARIABLE_NAME' on Linux or Mac, or 'echo %VARIABLE_NAME%' on Windows.
⏳ When ?
Environment variables have been in use since the early days of computing, as a way for running processes to interact with their operating environment. They are used in all major operating systems, including Windows, Linux, and MacOS.
⚙️ Technical Explanations
Environment variables are stored in a section of the system memory reserved for running processes. They are created by the shell session or process and are destroyed when the process ends. Each running process has its own set of environment variables, and can create new ones or change the values of existing ones. However, these changes are local to the process making them and are not seen by other processes. From a cybersecurity perspective, environment variables can be a potential attack vector. For example, if a process uses the value of an environment variable to construct a file path for a sensitive operation, and does not properly sanitize the value, an attacker could potentially manipulate the environment variable to redirect the operation to a different file path of their choosing.