Oracle FAQ | Your Portal to the Oracle Knowledge Grid |
Home -> Community -> Usenet -> c.d.o.server -> Re: Hiding password on the server side
Here documents (<<EOF) create unneccessary temporary files and expose the password one more time. I would rewrite the script below as
pwd=`/dba/tools/manage_db_pwd GET $db $user`
sql_script="
connect $db_user/$pwd
... other commands
exit
"
print $sql_script | sqlplus -s /nolog
Myron Wintonyk <mwintony_at_med.ualberta.ca> wrote in message
news:3A9ADD5F.3FBD1828_at_med.ualberta.ca...
> I "hate" scripts with imbedded passwords (they are s security risk and
they
> ALL need to be changed when the password changes).
>
> Therefore, I have a script which will return a password. Here is an
example
>
> of it's use:
>
> pwd=`/dba/tools/manage_db_pwd GET $db $user`
> sqlplus -s /nolog <<EOF
> connect $db_user/$pwd
> ... other commands
> exit
> EOF
>
> Hope this helps.
>
>
> SaraN wrote:
>
> > Currently I are running some Sql scripts for certain data feeds. While
> > this is feed is on, users logged onto this machine are able view my
> > database passwords by doing a ps - ef on the system.
> >
> > I would like to hide the password. I vaguely remember a hide.c function
> > which would enable me to do this. Am I right. If I am where would I find
> > it. Any help on this would be really appreciated.
> >
> > Thanks IA
> >
> > SaraN
> > vishmayaa_at_yahoo.com
>
Received on Wed Feb 28 2001 - 17:55:02 CST