Re: Security question: sqlplus and the ps cmd on Unix
From: Stuart 'Zen' Bishop <zen_at_bf.rmit.edu.au>
Date: 1995/04/24
Message-ID: <3nfhj3$h4c_at_aggedor.rmit.EDU.AU>#1/1
Date: 1995/04/24
Message-ID: <3nfhj3$h4c_at_aggedor.rmit.EDU.AU>#1/1
George Dau <gedau{mim/isamail}_at_qld.mim.com.au> writes:
>We use unix environtment variables. In a file run from the .profile
>we set $VARBLE to be "scott/tiger" and run
>sqlplus $VARBLE _at_script
>to get around this.
Environment variables are just as insecure. If your system uses a BSDish 'ps' command, try 'ps aewww | more'. There may well be a similar one for System V derived systems.
-- _____ // // __ For a good time call http://www.bf.rmit.edu.au/~zen // // / \ I\ I zen_at_rmit.edu.au // // (-- I \I Unix Systems Administrator // // \__/ I I alias Stuart Bishop Business Faculty, RMIT // ((_______________________________________________________________________//Received on Mon Apr 24 1995 - 00:00:00 CEST