Re: Any ideas for running CRON jobs under Security Requirements
- From: Jared Still <jkstill@xxxxxxxxx>
- To: hkchital@xxxxxxxxxxxxxx
- Date: Sat, 14 May 2005 13:30:20 -0700
I don't know how others do it, but I use a password server.
Usernames/passwords are kept in an encrypted file. The
server sends the passwords out encrypted via RC5.
The passwords for authenticating to the server are alas,
stored in plain text.
I have not yet been sufficiently motivated ( auditors have
not complained ) about changing that bit. Probably would
not be too difficult to convert to using SSH keys.
Details may be found in "Perl for Oracle DBA's".
What, you think I would write that in Python? ;)
Jared
On 5/13/05, Hemant K Chitale <hkchital@xxxxxxxxxxxxxx> wrote:
>
>
> How do you run CRON jobs {Online Backups, DB Monitoring} on Database
> Servers
> when IT Security / SOX requirements state that
> a) No userid-password pairs are to be kept in plain-text in any files
> b) connect / as sysdba is not to be used
>
> I can handle a) with CRON jobs running under the "oracle" account with
> "connect / as sysdba"
> at the beginning of SQL scripts. I can handle b) if I hard code a
> userid/password with the
> appropriate privileges. How do I handle both requirements ?
>
>
>
> Hemant K Chitale
> http://web.singnet.com.sg/~hkchital
>
>
> --
> //www.freelists.org/webpage/oracle-l
>
--
Jared Still
Certifiable Oracle DBA and Part Time Perl Evangelist
--
//www.freelists.org/webpage/oracle-l
Other related posts:
