Oracle FAQ | Your Portal to the Oracle Knowledge Grid |
Home -> Community -> Usenet -> c.d.o.server -> Re: sqlplus security
Rename the sqlplus exe and replace it with a script that exits if any
parameters have a / in them...
Batch jobs wont work unless you use the renamed version or use acl's and allow only a batch user to use the renamed exe...
Let me know if this works...I have never tried it.
Bobby Mander wrote in message <6m5tip$rgp_at_anchor.cis.att.com>...
>Hi. Is there any way to prevent users from logging in
>to the database using:
>
>$ sqlplus <user>/<password>
>
>This presents a security problem since anyone doing a ps
>can pick these up.
>
>We would like people to login using:
>$ sqlplus
>Enter user-name: <user>
>Enter password: <password>
>
>Alternatively can sqlplus disguise it's command line arguments so no one
>can pick them up?
>
>--
>---------------------------------------------------
>Bobby Mander bum_at_hyperplane.com
>Hyperplane, Inc. bmander_at_att.net
> http://home.att.net/~bmander/
Received on Tue Jun 16 1998 - 12:20:32 CDT