Re: ? Passing userid/password

From: Guest Account <guest_at_sgi.com>
Date: Wed, 30 Jun 1993 20:15:27 GMT
Message-ID: <C9GAxr.A29_at_odin.corp.sgi.com>

In article <1993Jun30.143130.19167_at_newsgate.sps.mot.com> ttg242_at_newton.sps.mot.com writes:
>In article 68s_at_uk.ac.brookes, p0070621_at_oxford-brookes.ac.uk (Tommy Wareing) writes:
>Stuff deleted ...
>>
>>***HAVING THE PASSWORD AS AN ENVIRONMENT VARIABLE IS NOT SAFE***
>>
>>This may not be the case under other OS's, but do you really want to
>>risk this?
>>
>>Either use an OPS$ username, or make it a user exit (which will give
>>you the most flexability anyway).
>>
>Also not secure in a SQL*Net environment. I can create a user on my
>machine with your userid and use that to log into your OPS$ account
>on your machine (or any other come to that).
>
>---
>Regards,
>David TvE
>
>
>

I'm quite sure David is wrong (Sorry !). For what he says to happen, the remote process on "your" (see above) machine should be created under the same usercode, which could be controlled. I've worked in a system where OPS$ usercodes worked very successfully (in a SQL*NET env).

Could someone clarify ????

ram Received on Wed Jun 30 1993 - 22:15:27 CEST

This message: [ Message body ]
Next message: Ian Dixon: "Re: ? Passing userid/password"
Previous message: David Thornewill von Essen: "Re: ? Passing userid/password"
Maybe in reply to: thilde_at_mcdga2.cr.usgs.gov: "? Passing userid/password"
In reply to Tommy Wareing: "Re: ? Passing userid/password"
Next in thread: Ian Dixon: "Re: ? Passing userid/password"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ]

Original text of this message