Re: ps shows user/password under Unix - SU
Date: Mon, 21 Feb 94 09:49:47 CST
Message-ID: <2kal5m$k39_at_news.iastate.edu>
In article <Zg7J+g-.cdjohnson_at_delphi.com>,
cdjohnson_at_delphi.com writes:
><GO.MSB_at_ISUMVS.IASTATE.EDU> writes:
>
>>We are running BSD unix on ULTRIX and so do not have the ps problem.
>>However, the point of passwords in files raises a problem we have:
>>
>> How does one generate reports from within SQL*Forms without having
>> the password in a script file. We run reports from SQL*Plus scripts
>> (which we generate from shell scripts with the query comimg from forms
>> using the HOST exit). Since SQL*Forms cannot/(will not) pass any
>> password info, the only recourse is to store the sql*plus logon info
>> in a file (user can of course be passed through, but pw ????).
>>
I just thought of a possible solution to this problem and wanted an opinion or two (especially from oracle people):
Since I, as DBA, can create a view to enable a user to pick up their own encoded password from sys.user$ (granting them select access on the view), I could, in the form, fetch the encoded password into a variable, change the users password, run the HOST command and SQL*Plus with the new password, and then reset the users password (using identified by values 'encoded string') when the HOST command returns control to the form.
I realize there is a hole in this if the sytem should crash before the password is reset. This is something I can live with. Also, I am assuming here that I can use the grant command in a trigger with the username and password as variables/fields. Is this a problem (haven't tested this yet)? Are there any other obvious problems I have missed?
Thanks for your time.
Marvin Beck Iowa State University Received on Mon Feb 21 1994 - 16:49:47 CET