Introduction to Linux Environment Variables
In a Linux operating system, environment variables are dynamic values that define the behavior of system processes and applications. These variables store configuration data, such as the system path, user preferences, and settings, making them essential for efficient system operations and automation.
Environment Variables
π System-Wide Variables
These are available for all users and are set by the system administrator. They are defined in files such as:
/etc/environment/etc/profile/etc/bash.bashrc
π€ User-Specific Variables
These are defined per user and stored in:
~/.bashrc~/.profile~/.bash_profile
π Shell Variables
Shell variables exist only within the running shell session. They can be created and modified within the terminal.
π Commonly Used Linux Variables
π File & Directory
PATH The PATH variable defines directories where the system searches for executable files.
1
2
3
4
5
6
7
8
9
| # PATH - Executable lookup directories
echo $PATH
export PATH=/usr/local/bin:$PATH
# HOME - User's home directory
echo $HOME
# PWD - Present working directory
echo $PWD
|
1
2
3
4
5
| # USER - Current username
echo $USER
# HOSTNAME - System hostname
echo $HOSTNAME
|
π Shell Settings
1
2
3
4
5
6
| # SHELL - Default shell
echo $SHELL
# PS1 - Bash prompt string
echo $PS1
export PS1="[\u@\h \W]\$ "
|
π Editors and Language
1
2
3
4
5
| # EDITOR - Default text editor
export EDITOR=nano
# LANG - System language
export LANG=en_US.UTF-8
|
π₯οΈ GUI and Display
1
2
3
| # DISPLAY - X Window System display
echo $DISPLAY
export DISPLAY=:0.0
|
π History
1
2
3
4
5
6
7
| # HISTFILESIZE - Max history file size
echo $HISTFILESIZE
export HISTFILESIZE=5000
# HISTSIZE - Commands per session
echo $HISTSIZE
export HISTSIZE=1000
|
π¬ Mail
1
2
| # MAIL - Mail spool location
echo $MAIL
|
π Documentation
1
2
3
| # MANPATH - Manual search path
echo $MANPATH
export MANPATH=/usr/local/share/man:$MANPATH
|
π₯οΈ Terminal
1
2
3
| # TERM - Terminal type
echo $TERM
export TERM=xterm-256color
|
π Time
1
2
| # TZ - Timezone
export TZ=Asia/Kolkata
|
π§ OS Info
1
2
| # OSTYPE - OS type
echo $OSTYPE
|
π Viewing Environment Variables
π¦ Using printenv
1
2
| printenv
printenv PATH
|
π Using env
π Using set
βοΈ Setting Environment Variables
π Temporarily (Current Session Only)
1
2
| export MY_VAR="Hello World"
echo $MY_VAR
|
πΎ Permanently (Across Sessions)
Add the variable to ~/.bashrc or ~/.profile:
1
2
| echo 'export MY_VAR="Hello World"' >> ~/.bashrc
source ~/.bashrc
|
ποΈ Unsetting Variables
1
2
| unset MY_VAR
echo $MY_VAR # No output expected
|
π οΈ Using Variables in Scripts
π§ͺ Example Bash Script
1
2
3
| #!/bin/bash
echo "Current user: $USER"
echo "Home directory: $HOME"
|
Save as script.sh and run:
1
2
| chmod +x script.sh
./script.sh
|
π Security Tips for Env Variables
- Avoid storing sensitive data (e.g., passwords) in environment variables.
- Use readonly for critical variables:
1
| readonly SECURE_VAR="Secret"
|
- Restrict permissions:
π΅οΈ Advanced and Offensive Usage
π History Deletion
1
2
| export HISTFILESIZE=0
export HISTSIZE=0
|
π Proxy Redirection
1
2
| export http_proxy="http://10.10.10.10:8080"
export https_proxy="http://10.10.10.10:8080"
|
π SSL Certificate Trust
1
2
| export SSL_CERT_FILE=/path/to/ca-bundle.pem
export SSL_CERT_DIR=/path/to/ca-certificates
|
𧬠Library Injection
1
2
| export LD_PRELOAD=/tmp/malicious.so
export LD_LIBRARY_PATH=/tmp/mylib:$LD_LIBRARY_PATH
|
πͺ€ PATH Hijacking
1
| export PATH=/tmp/malicious:$PATH
|
β±οΈ Auto-Logout Timeout
π οΈ App Config Hijack
1
| export XDG_CONFIG_HOME=/tmp/custom-config
|
π Field Separator Manipulation
π§ PS1 Prompt Manipulation
1
| export PS1='[\u@\h \W]# '
|
π HOME Override
1
| export HOME=/tmp/fakehome
|
π§ MAIL Redirection
π§ͺ Sudo Askpass Exploit
1
2
| export SUDO_ASKPASS=/tmp/fake-pass-prompt
sudo -A whoami
|
π GDB Exploitation
1
| export GDBINIT=/tmp/malicious-gdbinit
|
π§Ύ Summary
Environment variables are a fundamental aspect of Linux systems. They control how the system and user sessions behave, help in scripting, system management, and even (mis)use in penetration testing. Managing them wisely leads to a more secure and efficient Linux environment.
