Home -> Mailing Lists -> Oracle-L -> RE: safe way to store passwords in unix OS

RE: safe way to store passwords in unix OS

From: D'Hooge Freek <Freek.DHooge_at_uptime.be>
Date: Wed, 4 Jan 2012 18:57:31 +0100
Message-ID: <4814386347E41145AAE79139EAA39898197BF9E992_at_ws03-exch07.iconos.be> 





Richard,



Secure External password store is included within the EE license (except if you use PKI):



http://download.oracle.com/docs/cd/E11882_01/license.112/e10594/editions.htm#CJACGHEB

 


Freek D'Hooge


Uptime


Oracle Database Administrator


email: freek.dhooge_at_uptime.be


tel +32(0)3 451 23 82


http://www.uptime.be


disclaimer: www.uptime.be/disclaimer



-----Original Message-----


From: oracle-l-bounce_at_freelists.org [mailto:oracle-l-bounce_at_freelists.org] On Behalf Of Goulet, Richard
Sent: woensdag 4 januari 2012 18:37


To: tim_at_oracle-base.com; oracledbaquestions_at_gmail.com
Cc: ORACLE-L


Subject: RE: safe way to store passwords in unix OS



Question, isn't  the use of a wallet a part of the advanced security option???



Richard Goulet


Senior Oracle DBA/Na Team Leader




-----Original Message-----


From: oracle-l-bounce_at_freelists.org [mailto:oracle-l-bounce_at_freelists.org] On Behalf Of Tim Hall
Sent: Thursday, December 15, 2011 12:46 PM
To: oracledbaquestions_at_gmail.com


Cc: ORACLE-L


Subject: Re: safe way to store passwords in unix OS



Hi.



Secure External Password Store sounds like the safest bet.



http://www.oracle-base.com/articles/10g/SecureExternalPasswordStore_10gR2.php



Cheers



Tim...



On Thu, Dec 15, 2011 at 5:30 PM, Dba DBA <oracledbaquestions_at_gmail.com> wrote:


> This is not exactly an Oracle question, but I am asking it here in 

> case someone has solved this. We have alot of jobs that log into our 

> Oracle databases. Some of them use ops$oracle accounts. In the future 

> we are not allowed to use ops$oracle and need to provide passwords. I 

> am trying to find a method, or program/script that allows us to do the following.

> 1. store oracle passwords in unix in a lock box 2. only given 

> processes and users can access specific passwords 3. 

> program/process/script has customizable logic that only lets specific 

> jobs access the password.

> 4. We are mainly using Cron for our jobs, but may be using some other 

> job schedulers in the future that have more features.

> 5. you cannot access the passwords from a user account

>

>

> basically you give the password to the script/program, etc and tell it 

> which jobs/users can retrieve it. Those jobs call the script/program 

> and the program can accurately decide which job gets which password.

>

> This is about all the requirements I have on this. Sorry if this is 

> kind of vague.

>

>

> --

> http://www.freelists.org/webpage/oracle-l

>

>


--
http://www.freelists.org/webpage/oracle-l


--
http://www.freelists.org/webpage/oracle-l


--
http://www.freelists.org/webpage/oracle-l


Received on Wed Jan 04 2012 - 11:57:31 CST












Original text of this message