Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Usenet -> c.d.o.server -> Security Products

Security Products

From: Rosemary Fleming <rosemary_at_pathcom.com>
Date: 1997/02/19
Message-ID: <5edtfh$335$1@newsmaster.pathcom.com>#1/1 







Currently our unix scripts have the Oracle userid and password hard-coded in 
calls to SQLPLUS - for example "sqlplus system/manager". No kidding- the 
people who originally wrote the scripts did not even change the password for 
SYSTEM. As the DBA, I want the developers to change their scripts to use 
parameters for the userid and password and store the passwords in a password 
file which could only be read by root. This way, I could change the passwords 
whenever I wanted to without having to change every single script.



Our Unix administrator feels that this is not secure enough - that it would be 
easy to hack in. He would like a more complete solution. He would like to know 
if there are any 3rd party products which would handle this plus other other 
Oracle issues. Can anyone tell me if they currently use such tools and what 
their experiences have been.



We are running Oracle 7.2.2 on HP-UX  V9 (soon to be Oracle 7.3 on HP-UX V10).


                                                         Rosemary Fleming 


Received on Wed Feb 19 1997 - 00:00:00 CST












Original text of this message













  HOME |
  ASK QUESTION |
  ADD INFO |
  SEARCH |
  E-MAIL US