Re: [Q] about hiding command line password in UNIX

From: Joel Garry <joelga_at_pebble.ml.org>
Date: 1998/03/26
Message-ID: <6feles$k6j$1_at_pebble.ml.org>#1/1

In article <351A9112.34FF_at_sabre.com>, Poorna Prakash <poorna_prakash_at_sabre.com> wrote:
>Hi Folks,
>
>When invoking SQL scripts with parameters (&1,&2...), from the operating
>system, I specify the parameters on the command line. Since some of the
>scripts have several 'CONNECT' statements, I pass passwords
>of user accounts.
>
>In Unix the command to check process information, ps -ef, displays
>the programs currently executing and there I see my program with the
>password, which I entered on the command line.
>
>Is there a way by which I could suppress, by specifying a password file
>which sqlplus executable will look for to match a user account. A very
>similar example would be, the command ftp which looks for file '.netrc'
>to connect to a remote machine when invoked using 'here documents', in a
>shell program.
>
>Any suggestion is very much appreciated. Thanks.

There are a number of ways to do this. More information is available if you do a search of the dejanews "old" database for, perhaps, ps Oracle hide. I think the answer you may be looking for is to have the passwords in a file, redirect input from the file, and just connect to the user (which will echo as a password input with the password noechoed). Try running your scripts with no password to see what I mean - you will have to type them in.

Off the top of my head, here are some other solutions which may or may not be useable for what you want to do:

Use OPS$ functionality
replace ps
here documents
make it look like a different program to ps (see the book "Unix Power Tools or find the hide.c program from oracle)
put 256 blank spaces before the password (doesn't work for all ps) http://www.orafaq.org/faqmain.htm has shell solutions

>
>-Poorna Prakash
> Oracle DBA

-- 
These opinions are my own and not necessarily those of Information Quest
jgarry_at_eiq.com                           http://www.informationquest.com
http://ourworld.compuserve.com/homepages/joel_garry
"See your DBA?"  I AM the _at_#%*& DBA!

Received on Thu Mar 26 1998 - 00:00:00 CET

This message: [ Message body ]
Next message: Rangarajan Radhakrishnan: "Re: [Q] about hiding command line password in UNIX"
Previous message: John P. Higgins: "Re: [Q] about hiding command line password in UNIX"
In reply to Poorna Prakash: "[Q] about hiding command line password in UNIX"
Next in thread: Rangarajan Radhakrishnan: "Re: [Q] about hiding command line password in UNIX"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ]

Original text of this message