That's my understanding as well - hence my question to the OP. Sreejith - see http://www.oracle-base.com/articles/10g/SecureExternalPasswordStore_10gR2.php for a how to. On Mon, May 16, 2011 at 3:38 PM, D'Hooge Freek <Freek.DHooge@xxxxxxxxx>wrote: > Pete, > X-archive-position: 36300 > X-ecartis-version: Ecartis v1.0.0 > Sender: oracle-l-bounce@xxxxxxxxxxxxx > Errors-to: oracle-l-bounce@xxxxxxxxxxxxx > X-original-sender: Freek.DHooge@xxxxxxxxx > Precedence: normal > Reply-To: Freek.DHooge@xxxxxxxxx > List-help: <mailto:ecartis@xxxxxxxxxxxxx?Subject=help> > List-unsubscribe: <oracle-l-request@xxxxxxxxxxxxx?Subject=unsubscribe> > List-software: Ecartis version 1.0.0 > List-Id: oracle-l <oracle-l.freelists.org> > X-List-ID: oracle-l <oracle-l.freelists.org> > List-subscribe: <oracle-l-request@xxxxxxxxxxxxx?Subject=subscribe> > List-owner: <mailto:steve.adams@xxxxxxxxxxxx> > List-post: <mailto:oracle-l@xxxxxxxxxxxxx> > List-archive: <//www.freelists.org/archives/oracle-l> > X-list: oracle-l > > Am I correct in thinking that the Oracle Wallet solution can be used > without needing advanced security as long as the authentication is password > based? > > Following links seem to suggest so, but I'm not certain: > > > http://download.oracle.com/docs/cd/B19306_01/license.102/b14199/editions.htm#sthref32 > > http://download.oracle.com/docs/cd/B19306_01/license.102/b14199/options.htm#sthref40 > > > Kind regards, > > Freek D'Hooge > Uptime > Oracle Database Administrator > email: freek.dhooge@xxxxxxxxx > tel +32(0)3 451 23 82 > http://www.uptime.be > disclaimer: www.uptime.be/disclaimer > -----Original Message----- > From: oracle-l-bounce@xxxxxxxxxxxxx [mailto:oracle-l-bounce@xxxxxxxxxxxxx] > On Behalf Of Pete Finnigan > Sent: maandag 16 mei 2011 15:48 > To: Sreejith.Sreekantan@xxxxxxxxxx > Cc: oracle-l@xxxxxxxxxxxxx > Subject: Re: Encrypt sensitive passwords in shell script - Which one do you > prefer ? > > Have a look at Oracle secure external password store - > > http://www.oracle-base.com/articles/10g/SecureExternalPasswordStore_10gR2.php > or if you want a free solution look at OPR - http://opr.sourceforge.net > > cheers > > Pete > > Sreejith S Nair wrote: > > Hi List, > > > > I am looking for various options to encrypt a sensitive password in a > > unix shell script. After a bit of googling, I learned about 'shc'. > > Can you please advice on what things you use for this purpose, if any ? > > > > My requirement / idea is > > > > A .sql file will have to be executed by a shell script in SQLPLUS as > > USER/XXXX . The .sql file will be prepared by developer and will be put > > to a directory to which their osuser - say 'user1' will have write > > access. I will have 'oracle' user in the server , who is the DBA user. I > > want them to run this SQL like, *runthis.sh test.sql *where runthis.sh > > is owned by oracle user and will reside in some directory owned by DBA > > user. I am planning to configure schema password (USER/XXXX) in > > runthis.sh , which a developer is not supposed to know. > > But if I give execute permission for 'user1' to runthis.sh, it becomes > > readable and all can read the password. Is there anyway , I can store > > encrypted password in SQLPLUS connect string in this file / encrypt > > shell script as such ? > > > > Thanks in Advance. > > > > > > With Regards, > > Sreejith > > > > -- > > Sreejith S Nair > > Associate Systems Architect | AOS DBA Team > > > > > > > > > > > > > > > > DISCLAIMER: > > > > "The information in this e-mail and any attachment is intended only for > > the person to whom it is addressed and may contain confidential and/or > > privileged material. If you have received this e-mail in error, kindly > > contact the sender and destroy all copies of the original communication. > > IBS makes no warranty, express or implied, nor guarantees the accuracy, > > adequacy or completeness of the information contained in this email or > > any attachment and is not liable for any errors, defects, omissions, > > viruses or for resultant loss or damage, if any, direct or indirect." > > > > > > > > > > -- > > Pete Finnigan > Director > PeteFinnigan.com Limited > > Specialists in database security. > > Makers of PFCLScan the database security auditing tool. > > If you need help to audit or secure an Oracle database, please ask for > details of our training courses and consulting services > > Phone: +44 (0)1904 791188 > Fax : +44 (0)1904 791188 > Mob : +44 (0)7742 114223 > email: pete@xxxxxxxxxxxxxxxx > site : http://www.petefinnigan.com > > Registered Office: 9 Beech Grove, Acomb, York, YO26 5LD, United Kingdom > Company No : 4664901 > VAT No. : 940668114 > > Please note that this email communication is intended only for the > addressee and may contain confidential or privileged information. The > contents of this email may be circulated internally within your > organisation only and may not be communicated to third parties without > the prior written permission of PeteFinnigan.com Limited. This email is > not intended nor should it be taken to create any legal relations, > contractual or otherwise. > > -- > //www.freelists.org/webpage/oracle-l > > > -- > //www.freelists.org/webpage/oracle-l > > > -- Niall Litchfield Oracle DBA http://www.orawin.info