Re: Security question: sqlplus and the ps cmd on Unix

From: Helena M Whitaker <helena_at_creighton.edu>
Date: 1995/03/30
Message-ID: <Pine.HPP.3.91.950330090302.10924A-100000_at_finch.creighton.edu>#1/1


On 30 Mar 1995, Joe Nardone wrote (in part):

> Eli Haber (haber_at_panix.com) wrote:
> : I am having a security problem with Oracle and Unix.
> :
> : The problem is this: If you use the Unix ps command to
> : see what processes are running and you use the -f option,
> : you can see the entire command line entered by another
> : user, thus enabling you to see their password.
> :
> : Is there any way around this?
>
>
> Some other possibilities on getting around this (with varying levels of
> security)-
>
> 2. tell them to create a shell script with the right permissions
> (700) that contains
> sqlplus user/password
>

        Won't that just show up on a sub-process entry?         

        We have some batch scripts that do :

		sqlplus <<ENDPACKET
		user/password	 (or user/${PASSWORD} )
		---stuff to do---
		ENDPACKET
	Maybe this will work on your unix box.  (the identifier
	of the end-of-packet must start in column 1...can't indent it).

	For live sessions, we just insist that people use the form
		sqlplus
	   or	sqlplus user
	and enter the other info when solicited.

	helena

--
<:>-<->-<->-<->-<->-<->-<->-<->-<->-<->-<->-<->-<->-<->-<->-<->-<->-<:>
<: Helena Whitaker, Database Administrator      helena_at_creighton.edu :>
<: Creighton University               (0800-1630 CT)   (402)280-2311 :>
<: Old Gym - 2500 California Plaza                fax  (402)280-2573 :>
<: Admin Computing-Fin Sys Spt          Platform: HP-UX 9.0.4 (unix) :>
<: Omaha, NE 68178-0046              HP 9000/887 (aka H50), 842, 806 :>
<:                            Oracle 6.0.36.7.1/Banner Finance 2.0.3 :>
<:                            Oracle 7.1.3/DeLair Patient Accounting :>
<:>-<->-<->-<->-<->-<->-<->-<->-<->-<->-<->-<->-<->-<->-<->-<->-<->-<:>
Received on Thu Mar 30 1995 - 00:00:00 CEST
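
The following is an added example, not part of the original post: it compares what a process listing shows when a credential is passed as a command-line argument with what it shows when the credential is fed on standard input through a here-document, as in the batch scripts described above. It assumes a POSIX shell; a stand-in `sh` process takes the place of sqlplus, and the credential and the name `stand-in-client` are constructed for the demo.

```shell
#!/bin/sh
# Constructed demo: a stand-in process replaces sqlplus and SECRET is made up.
SECRET='demo_user/constructed-pw-123'

# Print the argument list of PID as any local user running ps would see it
# (falls back to /proc on Linux systems that lack a ps binary).
visible_args() {
    ps -o args= -p "$1" 2>/dev/null || tr '\000' ' ' < "/proc/$1/cmdline"
}

# Start the stand-in client with the credential passed either as an
# argument (mode "argv") or on stdin through a here-document (mode "stdin"),
# then print what the process listing shows for it.
listing_for() {
    if [ "$1" = argv ]; then
        sh -c 'sleep 2; :' stand-in-client "$SECRET" >/dev/null 2>&1 &
    else
        # The terminator must start in column 1, as the post notes.
        sh -c 'cat >/dev/null; sleep 2; :' stand-in-client >/dev/null 2>&1 <<ENDPACKET &
$SECRET
---stuff to do---
ENDPACKET
    fi
    pid=$!
    sleep 1                      # let the child exec before inspecting it
    visible_args "$pid"
    kill "$pid" 2>/dev/null || :
    wait "$pid" 2>/dev/null || :
}

# Succeeds (exit 0) when the credential appears in the process listing.
secret_visible() {
    case "$(listing_for "$1")" in
        *"$SECRET"*) return 0 ;;
        *) return 1 ;;
    esac
}

for mode in argv stdin; do
    if secret_visible "$mode"; then
        echo "$mode: credential visible in ps output"
    else
        echo "$mode: credential not in ps output"
    fi
done
```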
