Re: Hidden passwords..once more.
From: Murat Cakir <muratc_at_knidos.cc.metu.edu.tr>
Date: 1996/05/30
Message-ID: <Pine.HPP.3.90.960530155619.23630A-100000_at_knidos.cc.metu.edu.tr>#1/1
name of the script, the fake name seen in ps */
}
Date: 1996/05/30
Message-ID: <Pine.HPP.3.90.960530155619.23630A-100000_at_knidos.cc.metu.edu.tr>#1/1
On 29 May 1996, GT Cherer wrote:
> To solve the uid/passwd used in a script being seen by a unix 'ps', you can;and write the c code below, (which is very simple though)
> use an OPS$ login (still trying to get clear on this one..)
> pad the sqlplus command with 250 spaces before the uid/passwd
> put the uid/passwd in a 700 file and `cat it`
^^^ If you trust perm. 700 is secure enough for you, you can write sqlplus uid/passwd in a shell script instead and name it as, say, "script1"
main ()
{
execlp("script1","vi",0); /* ^^^^^ ^^
name of the script, the fake name seen in ps */
}
Murat Cakir
METU Computer Center - Library Automation Group
muratc_at_knidos.cc.metu.edu.tr cmurat_at_rorqual.cc.metu.edu.tr Tel : 2102087/109 Fax : 2101120Received on Thu May 30 1996 - 00:00:00 CEST