Environment variables are a legacy mess: Let's dive deep into them

Summary

2025-10-13 by allvpv <Przemysław Kusiak> Environment variables are a legacy mess: Let's dive deep into them Programming languages have rapidly evolved in recent years. But in software development, the new often meets the old, and the scaffolding that OS gives for running new processes hasn’t changed much since Unix. If you need to parametrize your application at runtime by passing a few ad-hoc variables (without special files or a custom solution involving IPC or networking), you’re doomed to a pretty awkward, outdated interface: Environment variables. export SECRET_API_KEY=2u845102348u234 There are no namespaces for them, no types. Just a flat, embarrassingly global dictionary of strings. But what exactly are these envvars? Is it some kind of special dictionary inside the OS? If not, who owns them and how do they propagate? Where do they come from? In a nutshell: they’re passed from parent to child. 841 ? 00:00:00 sshd 1520 ? 00:00:00 \_ sshd-session 1616 ? 00:00:00 \_ sshd-session 5521 pts/0 00:00:00 \_ bash 5545 pts/0 00:00:00 \_ nu 5549 pts/0 00:00:00 \_ bash 5560 pts/0 00:00:00 \_ ps On Linux, a program must use the execve syscall to execute another program. Whether you type ls in Bash, call subprocess.run in Python, or launch a code editor, it ultimately comes down to execve, preceded by a clone/fork. The exec* family of C functions also relies on execve. SYSCALL_DEFINE3(execve, const char __user *, filename, const char __user *const __user *, argv, const char __user *const __user *, envp) This system call takes three arguments: filename, argv, envp. For example, for an ls -lah invocation: /usr/bin/ls is the filename (the executable path), ['ls', '-lah'] is the argv array of command line arguments – the implicit first (“zero”) argument is usually the executable name, ['PATH=/bin:/usr/bin', 'USER=allvpv'] is the envp array of envvars (typically much longer). By default, all envvars are passed from the parent to the child. However, nothing prevents a parent proc...