Re: sqlplus problem - more on security

From: WolfAlpha <wolfalpha_spamguard_at_home.com>
Date: Fri, 09 Jul 1999 21:57:36 GMT
Message-ID: <kfuh3.13627$5i7.8005_at_news.rdc1.va.home.com>


Lets try sending this reply again...please disregard if you can see it on the server and I can't--

Have you tested this? If I call sqlplus (using substitution variables) from within a script, the sqlplus command is spawned as a separate process (with all command line arguments fully visible in a ps -ef).

Jeff S

<rtproffitt_at_my-deja.com> wrote in message news:7m2jsk$g36$1_at_nnrp1.deja.com...
> Sorry for the confusion...
>
> The whole process was controlled by a script
> in crontab...typical "search for flag" type of
> deal... Once the control script found the flag
> it would launch the main script.
>
> The main script would call the sub_script (controlled
> by userid) which sets the environment variables.
> Then the main script would call any necessary sub-processes
> to get the work done, in our case Pro/C, Loader and
> SQL/PLUS.
>
> The key is that a person's session never gets the
> user/pass variables published, and the command line
> substitutions are NEVER done at the user prompt, but
> only INSIDE another script...So I believe the history
> will only show the name of the original script file
> which was launched and not anything inside the script
> file. Even if a person could see the name of the
> main script file and even if they could list it,
> they still would not see the user/pass, because these
> are inside the sub-script, which has explicitly been
> set to 700 (no group, no world, only the user).
>
> Hope this helps a little.
> Robert Proffitt
>
>
> Sent via Deja.com http://www.deja.com/
> Share what you know. Learn what you don't.
Received on Fri Jul 09 1999 - 23:57:36 CEST

Original text of this message