Linux Environment Variables
Become VeryLazyTech member! 🎁
Follow us on:
✖ Twitter @VeryLazyTech.
👾 Github @VeryLazyTech.
📜 Medium @VeryLazyTech.
📺 YouTube @VeryLazyTech.
📩 Telegram @VeryLazyTech.
🕵️♂️ My Site @VeryLazyTech.
Visit our shop for e-books and courses. 📚
Introduction to Linux Environment Variables
In a Linux operating system, environment variables are dynamic values that define the behavior of system processes and applications. These variables store configuration data, such as the system path, user preferences, and settings, making them essential for efficient system operations and automation.
Types of Environment Variables in Linux
1. System-Wide Environment Variables
These are available for all users and are set by the system administrator. They are defined in files such as:
/etc/environment/etc/profile/etc/bash.bashrc
2. User-Specific Environment Variables
These are defined per user and stored in:
~/.bashrc~/.profile~/.bash_profile
3. Shell Variables
Shell variables exist only within the running shell session. They can be created and modified within the terminal.
Commonly Used Linux Environment Variables
PATH The
PATHvariable defines directories where the system searches for executable files.echo $PATH export PATH=/usr/local/bin:$PATHHOME Represents the home directory of the current user.
echo $HOMEUSER Stores the username of the logged-in user.
echo $USERSHELL Specifies the default shell of the user.
echo $SHELLEDITOR Defines the default text editor.
export EDITOR=nanoLANG Sets the system language.
export LANG=en_US.UTF-8DISPLAY Specifies the display used by the X Window System.
echo $DISPLAY export DISPLAY=:0.0HISTFILESIZE Sets the maximum number of lines contained in the history file.
echo $HISTFILESIZE export HISTFILESIZE=5000HISTSIZE Defines the number of lines added to the history file per session.
echo $HISTSIZE export HISTSIZE=1000HOSTNAME Stores the hostname of the computer.
echo $HOSTNAMEMAIL Specifies the location of the user’s mail spool.
echo $MAILMANPATH Defines the list of directories to search for manual pages.
echo $MANPATH export MANPATH=/usr/local/share/man:$MANPATHOSTYPE Indicates the type of operating system.
echo $OSTYPEPS1 Defines the default Bash prompt.
echo $PS1 export PS1="[\u@\h \W]\$ "PWD Stores the current working directory.
echo $PWDTERM Specifies the current terminal type (e.g.,
xterm,linux).echo $TERM export TERM=xterm-256colorTZ Sets the time zone.
echo $TZ export TZ=America/New_York
How to View Environment Variables in Linux
1. Using the printenv Command
printenv Commandprintenv
printenv PATH2. Using the env Command
env Commandenv3. Using the set Command
set Commandset | lessHow to Set and Export Environment Variables in Linux
1. Temporarily Setting an Environment Variable
export MY_VAR="Hello World"
echo $MY_VARThis variable will be available only for the current session.
2. Permanently Setting an Environment Variable
To make a variable persistent, add it to ~/.bashrc or ~/.profile.
echo 'export MY_VAR="Hello World"' >> ~/.bashrc
source ~/.bashrcHow to Unset Environment Variables
To remove an environment variable:
unset MY_VAR
echo $MY_VAR # No outputWorking with Environment Variables in Scripts
Environment variables are often used in Bash scripting to automate tasks.
Example script:
#!/bin/bash
echo "The current user is: $USER"
echo "The home directory is: $HOME"Save this as script.sh, then execute:
bash script.shSecurity Considerations for Environment Variables
Avoid Storing Sensitive Data: Never store passwords in environment variables.
Use
readonlyfor Critical Variables:readonly SECURE_VAR="Sensitive Data"Restrict Access to Environment Files:
chmod 600 ~/.bashrc
Interesting variables for hacking
HISTFILESIZE
Change the value of this variable to 0, so when you end your session the history file (~/.bash_history) will be deleted.
export HISTFILESIZE=0HISTSIZE
Change the value of this variable to 0, so when you end your session any command will be added to the history file (~/.bash_history).
export HISTSIZE=0http_proxy & https_proxy
The processes will use the proxy declared here to connect to internet through http or https.
export http_proxy="http://10.10.10.10:8080"
export https_proxy="http://10.10.10.10:8080"SSL_CERT_FILE & SSL_CERT_DIR
The processes will trust the certificates indicated in these env variables.
export SSL_CERT_FILE=/path/to/ca-bundle.pem
export SSL_CERT_DIR=/path/to/ca-certificatesLD_PRELOAD Allows injecting shared libraries into running processes, often used for privilege escalation or bypassing security measures.
export LD_PRELOAD=/tmp/malicious.soLD_LIBRARY_PATH Defines directories where the dynamic linker searches for shared libraries, which can be used for hijacking.
export LD_LIBRARY_PATH=/tmp/mylib:$LD_LIBRARY_PATHPATH Manipulation
Adding a malicious directory to PATH can be used for command hijacking.
export PATH=/tmp/malicious:$PATHTMOUT Automatically logs out an idle user, useful for clearing sessions quickly.
export TMOUT=1XDG_CONFIG_HOME Can be used to control where applications store configuration files, potentially allowing manipulation.
export XDG_CONFIG_HOME=/tmp/custom-configIFS (Internal Field Separator)
Modifying IFS can be used to change command parsing behavior in scripts.
export IFS=$'\n'PS1 Manipulation Modify the prompt to hide the current user or create deception.
export PS1='[\u@\h \W]# 'HOME
Change HOME to manipulate where programs store configurations or execute files.
export HOME=/tmp/fakehomeMAIL Modify the mail spool directory to read or redirect emails.
export MAIL=/tmp/mailSUDO_ASKPASS
Trick sudo into using a fake prompt to steal passwords.
export SUDO_ASKPASS=/tmp/fake-pass-prompt
sudo -A whoamiGDBINIT Define a malicious GDB startup file to execute arbitrary commands.
export GDBINIT=/tmp/malicious-gdbinit
Last updated
Was this helpful?