Re: Hidden passwords..once more.

From: Steve Long <answers_at_ix.netcom.com>
Date: 1996/06/04
Message-ID: <4p1s4s$q8i_at_sjx-ixn3.ix.netcom.com>#1/1


Another alternative in UNIX is:

sqlplus <<!
uid/password @sqlscript.sql
!

where the exclamation (!) is a marker saying "read until next marker". Ask your system administrator if you have more questions about this. This also means the file has to be protected since it now stores a uid/password combination. Here are my thoughts on password files vs. OPS$ logins.

(1) Either method prevents the ps command from displaying uid/password.
(2) If your concern is unauthorized access, consider this:

  • if an unauthorized user gains access to your login account, OPS$ is wide open for database access; however, files containing passwords still have to be found and read to be used (requires more time and effort than OPS$).
  • assess the vulnerability of inadvertent access to files versus logon accounts (recall there is an /etc/password file for ALL UNIX system access).
  • a combination of a password encryption/decryption method (commercially available) is more secure than OPS$

Enjoy.

Steve
804-262-6332


In <4oo749$6ac_at_alpine.valleynet.com> jared_at_valleynet.com (Jared Still) writes:
>
>gcherer_at_millenium.texas.net (GT Cherer) wrote:
>
>>Dudes-
>>Yes, i know that the question has been raised before, but until there is
>>a consistent FAQ, i'm afraid some of the same questions - those that
>>continue to bug a lot of folks - will keep popping up. Please,
>>excuuuuuuuuse me.
>
>>To solve the uid/passwd used in a script being seen by a unix 'ps', you can;
>> use an OPS$ login (still trying to get clear on this one..)
>
>> pad the sqlplus command with 250 spaces before the uid/passwd
>this method is similar to that used in 'hide.c', a program available
>from Oracle for the asking.
>
>>--
>>G.T. Jeff Cherer gcherer_at_texas.net
>>"You miss 100% of the shots you don't take."
>> - Wayne Gretzky, hockeyist, philosopher
>
>Jared Still, Oracle DBA
>RxNet, Division of Value Health
>"All opinions are mine, not my employers"
>jared_at_valleynet.com
>
Received on Tue Jun 04 1996 - 00:00:00 CEST
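
Added example, not part of the original post: a POSIX shell sketch of the here-document approach with the credential kept in a file that is checked for owner-only permissions before use. The function names, the file layout (logon string on the first line) and the two-line here-document (logon line, then @script) are assumptions made for illustration.

```shell
#!/bin/sh
# Hypothetical helpers (names are assumptions, not from the post).

# cred_file_is_private FILE
# Succeeds only if FILE is a regular file (not a symlink) whose mode
# grants nothing to group or other, e.g. -rw------- or -r--------.
cred_file_is_private() {
    [ -f "$1" ] && [ ! -L "$1" ] || return 1
    # Characters 5-10 of the ls mode string are the group/other bits.
    mode=$(ls -ld -- "$1" | cut -c5-10)
    [ "$mode" = "------" ]
}

# feed_logon FILE SCRIPT CMD [ARGS...]
# Reads the logon string from the first line of FILE with the shell's
# builtin read, then hands it to CMD on stdin through a here-document.
# The credential never appears in any process's argument list, so ps
# has nothing to show. Returns 2 if FILE is readable by group/other,
# 3 if FILE is empty.
feed_logon() {
    file=$1
    script=$2
    shift 2
    cred_file_is_private "$file" || {
        echo "refusing: $file must be a regular file with mode 600 or 400" >&2
        return 2
    }
    logon=
    IFS= read -r logon < "$file" || [ -n "$logon" ] || return 3
    "$@" <<!
$logon
@$script
!
}

# Intended use (sqlplus must be installed; path is an assumption):
#   feed_logon "$HOME/.ora_logon" sqlscript.sql sqlplus -s
```
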
