# 2017-02-07

Today I made a mistake which seems obvious now: I created a script 
which is suppoed to run as a cronjob in a server environment. To start 
it, it needs a couple of arguments; one of these was an API token which 
is usually encrypted.

The mistake is that when this token is passed to the script as an 
argument, it is then visible in the process table (to e.g. other users). 

The fix I made was to modify my script in a way that it reads the token 
from an environment variable (which needs to be set before executing it).