Re: Keeping Passwords Secure
Date: 27 Sep 1994 15:01:14 GMT
Message-ID: <RWESSMAN.94Sep27080115_at_rwessman.us.oracle.com>
In article <779830068snz_at_syntaxis.demon.co.uk> Ian_at_syntaxis.demon.co.uk (Ian Dixon) writes:
>In article <1994Sep16.135357.26557_at_emba.uvm.edu>
> wvan_at_moose.uvm.edu "Warren Van-Wyck" writes:
>
>[stuff deleted]
>
>> I asked a similar question a few months ago but never got an answer.
>> It appears that the program that is running can alter what appears in
>> the 'ps -f' display for commands. In fact for 'runform' (aka 'iad')
>> if a UserId/Password is entered on the command line, it does NOT show
>> in a 'ps' display (at least for AIX 3.2.5 and SQL*Forms 3.0).
>
>As far as I recall (this is from home), entering a user/password on
>the command line for any Oracle program on the Sequent at work means
>that they can be seen using ps -ef. On an Ultrix box however, there
>are spaces where you would expect the un/pwd to be.
Oracle attempts to delete the username/password. This works
on O/S's that are related to 4.2 (e.g. Ultrix). But, on System V-based
operating systems, the arguments are copied to an area that cannot be
modified by Oracle, so it shows up.
>
>> So Oracle has demonstrated that they can do something.
>> The outstanding question is why they don't do the same sort of
>> modification for SQL*Plus and save the Oracle users (us) another
>> round of these discussions and also provide some elementary
>> security for UserId/Passwords? ? ?
>
>I believe that Oracle do what they can but that the problem is
>caused by Unix. I'm no Unix expert but, as I recall, you can see
>the password on System V (eg Sequent) but not on BSD (eg Ultrix). It
>has something to do with the permissions on the file which holds
>the process details. For BSD Oracle can (and does) write to this
>file but, for System V, it's not allowed to.
>Any Unix experts out there like to expand on this or tell me that
>I'm completely wrong?
See above explanation.
As Ian notes, this problem is inherent in some Unices. As Oracle is an application that runs on top of the operating system, there is no way for it to change the behavior of the O/S.
>
>>
>>
>> : You have have only 2 good options as I see them. 1) change the behavior
>> : of ps or 2) change the behavior of sqlplus.
>>
>> Oracle should change the behavior of sqlplus.
>>
>
>How about a third - change the behaviour of Unix
>
I have a fourth alternative. Use externally-authenticated (ops$) logins,
so no password is visible at all.
Rick
Rick Wessman
Server Technologies - Network Products
Oracle Corporation
rwessman_at_us.oracle.com
Received on Tue Sep 27 1994 - 16:01:14 CET
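The in-place argv overwrite that Rick describes Oracle attempting, as an added C example that is not Oracle's code and not part of this post: it blanks the password part of any `user/password[@connect]` argument in the process's own argument strings and reports how many it touched. As the thread explains, whether `ps` then shows blanks depends on the O/S; where ps reads a kernel-held copy of the arguments (System V), the password is still visible, so this is damage limitation, not a fix. The sample arguments in the comments are constructed.

```c
#include <stdio.h>
#include <string.h>

/* Blank the password part of every argv entry of the form user/password[@connect],
 * in place, keeping the same length so argv stays consistent. Returns the number
 * of entries scrubbed. This changes only the process's own copy of its arguments:
 * where ps reads that copy (4.2BSD-derived systems) the password disappears,
 * where ps reads a copy the process cannot modify (System V) it does not.
 * Note: anything with a '/' after a non-empty prefix matches (e.g. "dir/file"),
 * so a real tool would key this on its actual option syntax. */
int scrub_passwords(int argc, char **argv)
{
    int scrubbed = 0;
    for (int i = 1; i < argc; i++) {
        char *slash = strchr(argv[i], '/');
        if (slash == NULL || slash == argv[i] || slash[1] == '\0')
            continue;                        /* absolute path or no password part */
        char *at = strchr(slash + 1, '@');   /* leave the @connect suffix readable */
        size_t len = at ? (size_t)(at - (slash + 1)) : strlen(slash + 1);
        memset(slash + 1, ' ', len);         /* e.g. "scott/tiger@prod" -> "scott/     @prod" */
        scrubbed++;
    }
    return scrubbed;
}

int main(int argc, char **argv)
{
    int n = scrub_passwords(argc, argv);
    printf("scrubbed %d argument(s); inspect with ps -ef from another shell\n", n);
    fflush(stdout);
    getchar();                               /* stay alive so ps can be run against us */
    return 0;
}
```

Run it as `./a.out scott/tiger@prod @script.sql` and compare the `ps` output on a BSD-derived and a System V-derived host to see the difference the thread describes.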