Re: Hiding username/password from ps

From: Bill Manry - Oracle Corp. <bmanry_at_ibmgate-aix.us.oracle.com>
Date: 1995/12/28
Message-ID: <4bur47$bon_at_inet-nntp-gw-1.us.oracle.com>#1/1

The so-called OPS$ (OS-authenticated) Oracle userids are the preferred solution assuming that you trust the authentication mechanism(s) of your OS. I recommend using "" as your prefix (rather than "OPS$") so Oracle userids are the same as OS userids. OS-authenticated userids may not be an option if you are dealing with established schemas or are using SQL*Net. In that case you are going to put the Oracle userid and password in some kind of file (readable, executable, or whatever) and rely on native OS protection mechanisms to secure the file. One simple approach to this is to place a CONNECT statement in a login.sql file and invoke SQL*Plus with /NOLOG as its first argument. Example (ksh under AIX):

$ echo "connect scott/tiger" >login.sql
$ chmod 0600 login.sql
$ sqlplus /nolog

SQL*Plus: Release 3...[snip]

Connected.
SQL> For "batch" operation of course you would include _at_ or redirect stdin/stdout on the command line. There is a search hierarchy for the login.sql file, so read the SQL*Plus doc carefully (including your platform-specific manuals) before implementing this.

--
Bill Manry  -  Mainframe and Integration Technologies  -  Oracle Corporation
Standard disclaimer applies.

Received on Thu Dec 28 1995 - 00:00:00 CET

This message: [ Message body ]
Next message: Phillip D. Jackson: "Re: Abbreviate Oracle Table Names?"
Previous message: Peter David THOMPSON: "Re: Hiding username/password from ps"
Maybe in reply to: Andy Caiger: "Hiding username/password from ps"
Next in thread: Phillip D. Jackson: "Re: Abbreviate Oracle Table Names?"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ]

Original text of this message