In the second case it isn’t actually reading from standard in, but from an process listing opaque ephemeral file.
tl;dr - If worried about leaking the path to a secret file, use <() (e.g. <( < "${secret_file_path}")) which makes an opaque ephemeral file i.e. /dev/fdX on the command line (1) Sorry for the top level comment, but I am…
Long time lurker on hacker news. This topic inspired me to finally register. Wildland operations are a completely different skill set from structural firefighting. That is why there is a separate certification (red…
In the second case it isn’t actually reading from standard in, but from an process listing opaque ephemeral file.
tl;dr - If worried about leaking the path to a secret file, use <() (e.g. <( < "${secret_file_path}")) which makes an opaque ephemeral file i.e. /dev/fdX on the command line (1) Sorry for the top level comment, but I am…
Long time lurker on hacker news. This topic inspired me to finally register. Wildland operations are a completely different skill set from structural firefighting. That is why there is a separate certification (red…