safe way to store passwords in unix OS

From: Dba DBA <oracledbaquestions_at_gmail.com>
Date: Thu, 15 Dec 2011 12:30:26 -0500
Message-ID: <CAE-dsOJLWUZwucKtTuRdn3Dd=fopwO5kzpwrYRDsednAmcVswA_at_mail.gmail.com>



This is not exactly an Oracle question, but I am asking it here in case someone has solved this. We have alot of jobs that log into our Oracle databases. Some of them use ops$oracle accounts. In the future we are not allowed to use ops$oracle and need to provide passwords. I am trying to find a method, or program/script that allows us to do the following.
1. store oracle passwords in unix in a lock box
2. only given processes and users can access specific passwords
3. program/process/script has customizable logic that only lets specific
jobs access the password.
4. We are mainly using Cron for our jobs, but may be using some other job schedulers in the future that have more features. 5. you cannot access the passwords from a user account

basically you give the password to the script/program, etc and tell it which jobs/users can retrieve it. Those jobs call the script/program and the program can accurately decide which job gets which password.

This is about all the requirements I have on this. Sorry if this is kind of vague.

--
http://www.freelists.org/webpage/oracle-l
Received on Thu Dec 15 2011 - 11:30:26 CST

Original text of this message