Re: Keeping Passwords Secure

From: Rick Wessman <rwessman_at_rwessman.us.oracle.com>
Date: 27 Sep 1994 15:01:14 GMT
Message-ID: <RWESSMAN.94Sep27080115_at_rwessman.us.oracle.com>


In article <779830068snz_at_syntaxis.demon.co.uk> Ian_at_syntaxis.demon.co.uk (Ian Dixon) writes:

>In article <1994Sep16.135357.26557_at_emba.uvm.edu>
> wvan_at_moose.uvm.edu "Warren Van-Wyck" writes:
>
>[stuff deleted]
>
>> I asked a similar question a few months ago but never got an answer.
>> It appears that the program that is running can alter what appears in
>> the 'ps -f' display for commands. In fact for 'runform' (aka 'iad')
>> if a UserId/Password is entered on the command line, it does NOT show
>> in a 'ps' display (at least for AIX 3.2.5 and SQL*Forms 3.0).
>
>As far as I recall (this is from home), entering a user/password on
>the command line for any Oracle program on the Sequent at work means
>that they can be seen using ps -ef. On an Ultrix box however, there
>are spaces where you would expect the un/pwd to be.
Oracle attempts to delete the username/password. This works on O/S's that are related to 4.2 (e.g. Ultrix). But, on System V-based operating systems, the arguments are copied to an area that cannot be modified by Oracle, so it shows up.

>
>> So Oracle has demonstrated that they can do something.
>> The outstanding question is why they don't do the same sort of
>> modification for SQL*Plus and save the Oracle users (us) another
>> round of these discussions and also provide some elementary
>> security for UserId/Passwords? ? ?
>
>I believe that Oracle do what they can but that the problem is
>caused by Unix. I'm no Unix expert but, as I recall, you can see
>the password on System V (eg Sequent) but not on BSD (eg Ultrix). It
>has something to do with the permissions on the file which holds
>the process details. For BSD Oracle can (and does) write to this
>file but, for System V, it's not allowed to.
>Any Unix experts out there like to expand on this or tell me that
>I'm completely wrong?

See above explanation.

As Ian notes, this problem is inherent in some Unices. As Oracle is an application that runs on top of the operating system, there is no way for it to change the behavior of the O/S.

>
>>
>>
>> : You have have only 2 good options as I see them. 1) change the behavior
>> : of ps or 2) change the behavior of sqlplus.
>>
>> Oracle should change the behavior of sqlplus.
>>
>
>How about a third - change the behaviour of Unix
>

I have a fourth alternative. Use externally-authenticated (ops$) logins, so no password is visible at all.

                                Rick
                                Rick Wessman
                                Server Technologies - Network Products
                                Oracle Corporation
                                rwessman_at_us.oracle.com
Received on Tue Sep 27 1994 - 16:01:14 CET
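The argv-overwrite technique Rick describes (Oracle scrubbing the username/password from its own argument vector, which helps on 4.2BSD-derived systems but not on System V, where the kernel keeps a separate copy) can be demonstrated in a few lines of C. This is an added example written for this archive page; it is not Oracle's code and not from the thread. It assumes a Linux host for the self-check, since `/proc/self/cmdline` there is read from the process's own memory, which is exactly why overwriting argv works on such systems and not on the System V variants the post mentions. The `user/password` argument form and the `scrub_secret_arg` / `cmdline_hides` names are this example's own.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Copy the password half of a "user/password" argument into a private
 * buffer, then overwrite the password bytes in argv in place so that a
 * later "ps -ef" (or /proc/<pid>/cmdline on Linux) no longer shows it.
 * Returns a malloc'd copy of the password, or NULL if there is no '/'
 * or nothing follows it. The overwrite goes through a volatile pointer
 * so the compiler cannot discard it as a dead store. */
char *scrub_secret_arg(char *arg)
{
    char *slash = strchr(arg, '/');
    if (slash == NULL || slash[1] == '\0')
        return NULL;

    char *secret = slash + 1;
    size_t len = strlen(secret);
    char *copy = malloc(len + 1);
    if (copy == NULL)
        return NULL;
    memcpy(copy, secret, len + 1);

    volatile char *p = (volatile char *)secret;
    for (size_t i = 0; i < len; i++)
        p[i] = 'x';      /* keep the length so the argument stays one token */
    return copy;
}

/* Check what the kernel would hand to ps. On Linux /proc/self/cmdline is
 * read straight out of the process's argv memory, so the scrub shows up
 * here. On a System V kernel that keeps its own copy of the arguments,
 * the password would still be visible, which is the limit the thread
 * describes. Returns 1 if `needle` is absent from the command line,
 * 0 if it is still present, -1 if /proc is unavailable. */
int cmdline_hides(const char *needle)
{
    FILE *f = fopen("/proc/self/cmdline", "rb");
    if (f == NULL)
        return -1;
    char buf[4096];
    size_t n = fread(buf, 1, sizeof buf - 1, f);
    fclose(f);
    /* arguments are NUL-separated; turn the NULs into spaces for searching */
    for (size_t i = 0; i < n; i++)
        if (buf[i] == '\0')
            buf[i] = ' ';
    buf[n] = '\0';
    return strstr(buf, needle) == NULL ? 1 : 0;
}

int main(int argc, char **argv)
{
    if (argc < 2) {
        fprintf(stderr, "usage: %s user/password\n", argv[0]);
        return 2;
    }
    /* constructed input: run as  ./a.out alice/s3cret  */
    char *pw = scrub_secret_arg(argv[1]);
    if (pw == NULL) {
        fprintf(stderr, "expected user/password\n");
        return 2;
    }
    printf("argv[1] now reads: %s\n", argv[1]);
    printf("password absent from /proc/self/cmdline: %d\n", cmdline_hides(pw));
    /* ... the private copy would be used to connect here ... */
    memset(pw, 0, strlen(pw));
    free(pw);
    return 0;
}
```

Running it with `sleep` inserted before the scrub would show the window this approach leaves open: between exec and the first instruction of the program the full argument is visible to anyone who lists processes, so scrubbing reduces exposure rather than removing it. That is why Rick's fourth alternative, externally authenticated (OPS$) logins, or prompting for the password on a terminal, is the better fix: the secret never appears on the command line in the first place.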
