Linux Environment Variables

Introduction to Linux Environment Variables

In a Linux operating system, environment variables are dynamic values that define the behavior of system processes and applications. These variables store configuration data, such as the system path, user preferences, and settings, making them essential for efficient system operations and automation.

Types of Environment Variables in Linux

1. System-Wide Environment Variables

These are available for all users and are set by the system administrator. They are defined in files such as:

  • /etc/environment

  • /etc/profile

  • /etc/bash.bashrc

2. User-Specific Environment Variables

These are defined per user and stored in:

  • ~/.bashrc

  • ~/.profile

  • ~/.bash_profile

3. Shell Variables

Shell variables exist only within the running shell session. They can be created and modified within the terminal.


Commonly Used Linux Environment Variables

  1. PATH: Defines the directories where the system searches for executable files.

  2. HOME: Represents the home directory of the current user.

  3. USER: Stores the username of the logged-in user.

  4. SHELL: Specifies the default shell of the user.

  5. EDITOR: Defines the default text editor.

  6. LANG: Sets the system language.

  7. DISPLAY: Specifies the display used by the X Window System.

  8. HISTFILESIZE: Sets the maximum number of lines contained in the history file.

  9. HISTSIZE: Defines the number of lines added to the history file per session.

  10. HOSTNAME: Stores the hostname of the computer.

  11. MAIL: Specifies the location of the user's mail spool.

  12. MANPATH: Defines the list of directories to search for manual pages.

  13. OSTYPE: Indicates the type of operating system.

  14. PS1: Defines the default Bash prompt.

  15. PWD: Stores the current working directory.

  16. TERM: Specifies the current terminal type (e.g., xterm, linux).

  17. TZ: Sets the time zone.


How to View Environment Variables in Linux

1. Using the printenv Command

2. Using the env Command

3. Using the set Command


How to Set and Export Environment Variables in Linux

1. Temporarily Setting an Environment Variable

This variable will be available only for the current session.

2. Permanently Setting an Environment Variable

To make a variable persistent, add it to ~/.bashrc or ~/.profile.

How to Unset Environment Variables

To remove an environment variable:


Working with Environment Variables in Scripts

Environment variables are often used in Bash scripting to automate tasks.

Example script:

Save this as script.sh, then execute:

Security Considerations for Environment Variables

  1. Avoid Storing Sensitive Data: Never store passwords in environment variables.

  2. Use readonly for Critical Variables:

  3. Restrict Access to Environment Files:

Interesting variables for hacking

HISTFILESIZE

Change the value of this variable to 0, so when you end your session the history file (~/.bash_history) will be deleted.

HISTSIZE

Change the value of this variable to 0, so that when you end your session no command will be added to the history file (~/.bash_history).

http_proxy & https_proxy

Processes will use the proxy declared here to connect to the internet over HTTP or HTTPS.

SSL_CERT_FILE & SSL_CERT_DIR

The processes will trust the certificates indicated in these env variables.

LD_PRELOAD

Allows injecting shared libraries into running processes, often used for privilege escalation or bypassing security measures.

LD_LIBRARY_PATH

Defines directories where the dynamic linker searches for shared libraries, which can be used for hijacking.

PATH Manipulation

Adding a malicious directory to PATH can be used for command hijacking.

TMOUT

Automatically logs out an idle user, useful for clearing sessions quickly.

XDG_CONFIG_HOME

Can be used to control where applications store configuration files, potentially allowing manipulation.

IFS (Internal Field Separator)

Modifying IFS can be used to change command parsing behavior in scripts.

PS1 Manipulation

Modify the prompt to hide the current user or create deception.

HOME

Change HOME to manipulate where programs store configurations or execute files.

MAIL

Modify the mail spool directory to read or redirect emails.

SUDO_ASKPASS

Trick sudo into using a fake prompt to steal passwords.

GDBINIT

Define a malicious GDB startup file to execute arbitrary commands.
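
One way to check a session for several of the settings listed above, as an added example that is not part of the original page. It is written for POSIX sh; the file name envaudit.sh and the function names are hypothetical.

```sh
#!/bin/sh
# Added example, not from the original page. Source it in the session being
# reviewed (". ./envaudit.sh") so unexported shell variables such as HISTSIZE
# are visible. The file and function names are hypothetical.

# check_path VALUE: report PATH entries where someone else could plant a command.
check_path() (
    case ":$1:" in
        *::*) echo "PATH: empty entry (searches the current directory)" ;;
    esac
    IFS=:; set -f   # split on ':' only, without globbing (subshell-local)
    set -- $1
    for dir in "$@"; do
        case $dir in
            '') ;;
            /*) case $(ls -ldL -- "$dir" 2>/dev/null) in
                    d???????w*) echo "PATH: world-writable directory $dir" ;;
                esac ;;
            *)  echo "PATH: relative entry $dir" ;;
        esac
    done
)

# check_var NAME VALUE: report one of the variables named on this page.
check_var() {
    case $1 in
        HISTSIZE|HISTFILESIZE)
            if [ "$2" = 0 ]; then echo "$1=0: shell history is being discarded"; fi ;;
        LD_PRELOAD|LD_LIBRARY_PATH|SUDO_ASKPASS|GDBINIT|SSL_CERT_FILE|SSL_CERT_DIR|http_proxy|https_proxy)
            if [ -n "$2" ]; then echo "$1 is set: $2"; fi ;;
    esac
}

# audit_env: run both checks against the current shell.
audit_env() {
    check_path "${PATH-}"
    for name in HISTSIZE HISTFILESIZE LD_PRELOAD LD_LIBRARY_PATH SUDO_ASKPASS \
                GDBINIT SSL_CERT_FILE SSL_CERT_DIR http_proxy https_proxy; do
        eval "value=\${$name-}"   # names come only from the fixed list above
        check_var "$name" "$value"
    done
}

audit_env
```

A world-writable directory is reported even when it has the sticky bit set, because any user can still create a new file in it.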

