Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Usenet -> c.d.o.misc -> Re: sqlplus problem - more on security

Re: sqlplus problem - more on security

From: <rtproffitt_at_my-deja.com>
Date: Thu, 08 Jul 1999 16:33:25 GMT
Message-ID: <7m2jsk$g36$1@nnrp1.deja.com> 





Sorry for the confusion...



The whole process was controlled by a script
in crontab...typical "search for flag" type of
deal... Once the control script found the flag
it would launch the main script.



The main script would call the sub_script (controlled
by userid) which sets the environment variables.
Then the main script would call any necessary sub-processes
to get the work done, in our case Pro/C, Loader and
SQL/PLUS.


The key is that a person's session never gets the
user/pass variables published, and the command line
substitutions are NEVER done at the user prompt, but
only INSIDE another script...So I believe the history
will only show the name of the original script file
which was launched and not anything inside the script
file.  Even if a person could see the name of the
main script file and even if they could list it,
they still would not see the user/pass, because these
are inside the sub-script, which has explicitly been
set to 700 (no group, no world, only the user).



Hope this helps a little.


Robert Proffitt




Sent via Deja.com http://www.deja.com/



Share what you know. Learn what you don't.
Received on Thu Jul 08 1999 - 11:33:25 CDT












Original text of this message













  HOME |
  ASK QUESTION |
  ADD INFO |
  SEARCH |
  E-MAIL US