Re: Security question: sqlplus and the ps cmd on Unix

From: Stuart 'Zen' Bishop <zen_at_bf.rmit.edu.au>
Date: 1995/04/24
Message-ID: <3nfhj3$h4c_at_aggedor.rmit.EDU.AU>#1/1

George Dau <gedau{mim/isamail}_at_qld.mim.com.au> writes:

>We use unix environtment variables. In a file run from the .profile
>we set $VARBLE to be "scott/tiger" and run
>sqlplus $VARBLE _at_script
>to get around this.

Environment variables are just as insecure. If your system uses a BSDish 'ps' command, try 'ps aewww | more'. There may well be a similar one for System V derived systems.

--


 _____                 
//  //    __          For a good time call    http://www.bf.rmit.edu.au/~zen //
   //    /  \   I\ I    zen_at_rmit.edu.au                                     //
  //    (--     I \I                          Unix Systems Administrator   //
 //      \__/   I  I  alias Stuart Bishop     Business Faculty, RMIT      //
((_______________________________________________________________________//

Received on Mon Apr 24 1995 - 00:00:00 CEST

This message: [ Message body ]
Next message: Wilhelm Olander: "Re: Horrible export error"
Previous message: Steve Edelstein: "Oracle Forms 4.0 Tutorial..."
Maybe in reply to: Dave Mausner: "Re: Security question: sqlplus and the ps cmd on Unix"
In reply to George Dau: "Re: Security question: sqlplus and the ps cmd on Unix"
Next in thread: Wilhelm Olander: "Re: Horrible export error"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ]

Original text of this message