Re: Keeping Passwords Secure

In article <1994Sep14.193534.1_at_corp02.d51.lilly.com>, jl34778_at_corp02.d51.lilly.com writes:
> Have you thought about using OPS$ accounts? This would require that you have a
> separate unix ID for each user. I would assume that you have this, otherwise
> the students would be able to see each other's text files.
>
I started off with OPS$. Unfortunately, when you conect to Oracle via SQL*Net, `identified externally' accounts are meaningless, because you could easily have a user with a remote Unix account, an Oracle account, but no local Unix account on the Oracle server. I considered running `Parallel Server' everywhere, but the equipment has plenty other stuff to do as well, and I can't commit the resources.

> I'm not sure what you mean by your 'multiple hp/9000' setup. I hope that this
> is helpful
>
One of the HP9000/700s is the Oracle server host, the others have students logging in to use SQL*Plus. Hence they're connecting via SQL*Net, and the OPS$ scheme doesn't work.

I had some useful suggestions by email from David Rolfe (of Sun, apparently?) involving adding some whitespace to the front of `username/password' strings until they disappear off the end of the command line quoted by `ps'. This strategy looks promising. It still doesn't get me past the `looking over the shoulder' problem though, and I find it difficult to believe that this hasn't been a significant problem elsewhere, let alone remained completely unaddressed by Oracle all these years.

-- 
SAm.                              -- (Insert bandwidth-wasting disclaimer here)