Hi Michael: Yes, and some flavors of Linux are smart enough to mask it, and there are other ways to clear the command line that I don't recall at the moment, but I could find them, if you're interested, but that doesn't stop folks from doing "sqlplus user/pwd@db", (or, exp user/pwd, or imp and so on...my personal favorite are "here" documents (see below)) 'cause its quick-and-easy! There are lots of ways to avoid this...a few years ago, I wrote several pages of instructions describing 2 or 3 different ways to avoid the construct with tools like sqlplus, exp & imp and worked with DBAs in 3 or 4 countries to get their scripts changed... Just my $.02, Jonathan Unix "here" document: sqlplus user/pwd@db << EOF select * from v\$instance; (or whatever SQL you need to run) exit EOF very quick, very easy, very familiar to most anyone on Unix servers and causes the pwd to be displayed on the command-line (again, typically). On Tue, Jul 28, 2009 at 7:37 AM, <Michael.Coll-Barth@xxxxxxxxxxxxxxxxxxx>wrote: > > > > From: oracle-l-bounce@xxxxxxxxxxxxx > > > client on the network. Also, far more information is easily > > accessible, sometimes too easily accessible (ps -ef|grep plu > > anyone? :) from the database server. > > Doesn't this work only if the UserID & Password are used on the command > line when firing up sqlplus; "sqlplus UserID/Password@DBinstance" ? > Isn't that a foolish way to do things to begin with? Particularly in > Prod? > > > > > > > > > > > > > > > The information contained in this message and any attachment may be > proprietary, confidential, and privileged or subject to the work > product doctrine and thus protected from disclosure. If the reader > of this message is not the intended recipient, or an employee or > agent responsible for delivering this message to the intended > recipient, you are hereby notified that any dissemination, > distribution or copying of this communication is strictly prohibited. > If you have received this communication in error, please notify me > immediately by replying to this message and deleting it and all > copies and backups thereof. Thank you. > > > -- > //www.freelists.org/webpage/oracle-l > > >