Oracle FAQ | Your Portal to the Oracle Knowledge Grid |
Home -> Community -> Mailing Lists -> Oracle-L -> Re: Any ideas for running CRON jobs under Security Requirements
I don't know how others do it, but I use a password server.
Usernames/passwords are kept in an encrypted file. The
server sends the passwords out encrypted via RC5.
The passwords for authenticating to the server are alas, stored in plain text.
I have not yet been sufficiently motivated ( auditors have not complained ) about changing that bit. Probably would not be too difficult to convert to using SSH keys.
Details may be found in "Perl for Oracle DBA's".
What, you think I would write that in Python? ;)
Jared
On 5/13/05, Hemant K Chitale <hkchital_at_singnet.com.sg> wrote:
>
>
> How do you run CRON jobs {Online Backups, DB Monitoring} on Database
> Servers
> when IT Security / SOX requirements state that
> a) No userid-password pairs are to be kept in plain-text in any files
> b) connect / as sysdba is not to be used
>
> I can handle a) with CRON jobs running under the "oracle" account with
> "connect / as sysdba"
> at the beginning of SQL scripts. I can handle b) if I hard code a
> userid/password with the
> appropriate privileges. How do I handle both requirements ?
>
>
>
> Hemant K Chitale
> http://web.singnet.com.sg/~hkchital
>
>
> --
> http://www.freelists.org/webpage/oracle-l
>
-- Jared Still Certifiable Oracle DBA and Part Time Perl Evangelist -- http://www.freelists.org/webpage/oracle-lReceived on Sat May 14 2005 - 16:34:54 CDT