Re: Oracle Security

From: Colin Hoskins <colin_at_cerberus.bhpese.oz.au>
Date: Tue, 31 Jan 1995 21:01:50 GMT
Message-ID: <1995Jan31.210150.377_at_cerberus.bhpese.oz.au>


schueman_at_access.digex.net (Greg Schueman) writes:

>In article <D2vGIz.4Cy_at_world.std.com>,
>Lee E Parsons <lparsons_at_world.std.com> wrote:
>>>A script file doesn't help! I just wrote a script file sqlplus and called it
>>>as "sqlplus bla/bla". Here's what ps -e gives in another telnet session on the
>>>same machine:
>>
>>It also has the nice effect of keeping the username portion of the
>>connect string. The real plus picks up seamlessly and asks for
>>the password.
>>
>>Comments?
>>
>># before it was pushed out of the process table
>>#
>>USER=`echo $1 | sed "s?/.*@?@?;s?/.*??"`
>>exec sqlplus $USER
>>--
 

>I'd suggest doing neither of these. Try using a Here Document inside a
>script. For example:
> #
> # sample script
> #
> sqlplus <<-EOF
> userid/passwd@whatever
> EOF
 
>Notice that the dash on first line allows arbitrary tabs to be used in
>the lines following it. No password or userid can ever show up
>in the process list with this technique.
 

>Greg Schueman

Take it one step further:

  • store bla/bla in a file, say /wherever/bla_pwd.sql
  • set up a suitable file protection on this file
  • then run sqlplus @/wherever/bla_pwd <<-EOF code... EOF

This has the added benefit of only 1 file to change should the password change (not dozens of application programs).

Colin Hoskins.

Received on Tue Jan 31 1995 - 22:01:50 CET
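
An added example, not part of the original posts: a shell sketch of the credentials-file approach above that refuses a file readable by group or other, plus a filter that flags process-list lines where sqlplus was started with user/password in its arguments. The function names, the SQLPLUS_BIN override and the sample process-list lines are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the thread. SQLPLUS_BIN, cred_file_ok, argv_leaks
# and run_sql are hypothetical names; the sample ps lines are constructed.

# Succeed only if $1 is a regular file (not a symlink), owned by the caller,
# with no group or other permission bits set.
cred_file_ok() {
    [ -f "$1" ] && [ ! -L "$1" ] && [ -O "$1" ] || return 1
    mode=$(ls -ld "$1" | cut -c5-10)      # group+other bits of the mode string
    [ "$mode" = "------" ]
}

# Read process-list lines on stdin and print those where sqlplus was started
# with user/password in argv. "@script", "/nolog" and a bare username pass.
argv_leaks() {
    grep -E 'sqlplus([[:space:]]+-[^[:space:]]+)*[[:space:]]+[^[:space:]/@-][^[:space:]/@]*/[^[:space:]@]+' || true
}

# Run sqlplus with the login taken from the first line of the protected file
# and the SQL taken from stdin, so argv carries only the file path.
run_sql() {
    cred_file_ok "$1" || { echo "refusing $1: check owner and mode" >&2; return 1; }
    "${SQLPLUS_BIN:-sqlplus}" "@$1"
}

# Constructed process-list lines covering the invocations from the thread.
SAMPLE_PS='101 pts/1 00:00:00 sqlplus bla/bla
102 pts/2 00:00:00 sqlplus -s bla/bla@whatever
103 pts/3 00:00:00 sqlplus @/wherever/bla_pwd
104 pts/4 00:00:00 sqlplus bla@whatever'

# Prints lines 101 and 102 only.
printf '%s\n' "$SAMPLE_PS" | argv_leaks
```
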
