Oracle FAQ | Your Portal to the Oracle Knowledge Grid |
Home -> Community -> Usenet -> c.d.o.misc -> Re: Shell Scripts/PW Security
That is true if the users have the MEM privilege. MEM allows users to see the processes of other users. To secure this hole, at a previous employer we created our Unix accounts without the MEM privilege. All the users could see with the ps -ef command is there own processes! This was on SCO Unix. Other Unix versions may be different.
In article <329BC09A.7FA8_at_deere.com>, jh33378_at_deere.com says...
>
>John Hough wrote:
>>
>> I have a series of database performance tuning scripts that we would
>> like to run from a particular machine against remote instances. If
>> we were running these online we could issue the command:
>>
>> sqlplus username/password_at_remote_sqlservice @sqlscript_to_run
>>
>
>You should be aware of the security hole involved in using a password on
>the command line -- the ps -ef command will reveal the password to any
>user on your machine!
>--
>John P. Higgins Voice: (309)765-4481
>Deere & Company Fax: (309)765-5168
>John Deere Road Internet: jh33378_at_deere.com
>Moline, IL 61265 Opinions: My Own
Received on Wed Nov 27 1996 - 00:00:00 CST