Re: os authenticated accounts

From: Roman Podshivalov <roman.podshivalov_at_gmail.com>
Date: Fri, 7 Mar 2008 09:27:13 -0500
Message-ID: <55f303590803070627p6d730980q5bca0cca5b74b2a6@mail.gmail.com>


Yes this is an issue but OS level privileges should take care of it. Wallet created with mkstore command has read/write permissions granted to owner only. Also you can use ACL on filesystems to grant read permissions to additional users. It's not perfect - I know, but still better than dot files.

--romas

On 3/6/08, Yechiel Adar <adar666_at_inter.net.il> wrote:
>
> The trouble with this method is:
> If he can see your scripts on the server, he can do sqlplus
> /@production_database on the server, the same as you.
> The wallet does not care who use it and in effect it is like using the
> user name and password on the server.
>
> I am preparing some scripts for a new server and I would like advice how
> to overcome this problem.
>
> Adar Yechiel
> Rechovot, Israel
>
>
>
> Roman Podshivalov wrote:
> > Joe,
> >
> > Oracle Secure External Password Store feature.
> >
> http://download.oracle.com/docs/cd/B19306_01/network.102/b14266/cnctslsh.htm#i1006413
> >
> >
> --
> http://www.freelists.org/webpage/oracle-l
>
>
>

--
http://www.freelists.org/webpage/oracle-l
Received on Fri Mar 07 2008 - 08:27:13 CST

Original text of this message