Security question: sqlplus and the ps cmd on Unix

From: Eli Haber <haber_at_panix.com>
Date: 1995/03/29
Message-ID: <3lbti6$k6m_at_panix.com>#1/1

I am having a security problem with Oracle and Unix.

We have Oracle 7.1 installed on a SCO Unix server. Often. people log in to the Server and run SQLPlus from there using the command line:

sqlplus scott/tiger

(Of course, they use their own Oracle ID and password.)

The problem is this: If you use the Unix ps command to see what processes are running and you use the -f option, you can see the entire command line entered by another user, thus enabling you to see their password.

Is there any way around this? Received on Wed Mar 29 1995 - 00:00:00 CEST

This message: [ Message body ]
Next message: Parris Geiser: "Re: Security question: sqlplus and the ps cmd on Unix"
Previous message: Stalker: "Re: Security question: sqlplus and the ps cmd on Unix"
Next in thread: Parris Geiser: "Re: Security question: sqlplus and the ps cmd on Unix"
Reply: Parris Geiser: "Re: Security question: sqlplus and the ps cmd on Unix"
Reply: Lee Parsons: "Re: Security question: sqlplus and the ps cmd on Unix"
Reply: Gary Gapinski: "Re: Security question: sqlplus and the ps cmd on Unix"
Reply: Joe Nardone: "Re: Security question: sqlplus and the ps cmd on Unix"
Reply: Brian Graham: "Re: Security question: sqlplus and the ps cmd on Unix"
Reply: Helena M Whitaker: "Re: Security question: sqlplus and the ps cmd on Unix"
Reply: Mike Rife: "Re: Security question: sqlplus and the ps cmd on Unix"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ]

Original text of this message