Oracle FAQ | Your Portal to the Oracle Knowledge Grid |
Home -> Community -> Usenet -> c.d.o.server -> Re: Password management
We run a variety of scripts on UNIX systems. For those scripts, we created a file which just has one word in it, the password. Call this file 'pswd'. Then change the rights on that file so that only the Oracle user can see it ( chmod 400 pswd ). When running a script, redirect the password file into SQL*Plus. For instance:
sqlplus userid @scriptname < pswd
We have many scripts called as above. These scripts are called in cron, or other scripts. Instead of changing the password everywhere, we just change the password in the one file and every script will still work.
> changed. We do not use Oracle's OS authentication feature because
> neither NT nor UNIX are hecker proof (even though you can basically
> assume Oracle is compromised when the hecker gets OS's super
> user/administrator access).
This is the one major drawback of the above method. But as you pointed out, if someone hacks into root, then they can get to the database as well as my pswd file and/or the database.
HTH,
Brian
-- ======================================== Brian Peasland Raytheons Systems at USGS EROS Data Center These opinions are my own and do not necessarily reflect the opinions of my company! ========================================Received on Tue Mar 28 2000 - 00:00:00 CST