Re: hide sqlplus pwd

• From: David Fitzjarrell <oratune@xxxxxxxxx>
• To: eugene.pipko@xxxxxxxxxxxx, Jared Still <jkstill@xxxxxxxxx>
• Date: Sat, 31 Oct 2009 15:59:19 -0700 (PDT)

Eugene,

Have you considered this option:

sqlplus /nolog @c:\jobs\task1
 
Editing task1.sql by adding the following as the first line:
 
connect <user>/<pass>
 
should prevent any username and password from being visible to prying eyes.  Of 
course the username/password is visible to anyone with privilege to read the 
script text but for someone not privileged to view such files it prevents the 
account information from being visible through operating system tools such as 
tasklist /v (on Windows) and ps (on UNIX/Linux).
 
 
David Fitzjarrell




________________________________
From: Eugene Pipko <eugene.pipko@xxxxxxxxxxxx>
To: Jared Still <jkstill@xxxxxxxxx>
Cc: oracle-l List <oracle-l@xxxxxxxxxxxxx>
Sent: Sat, October 31, 2009 3:52:07 PM
Subject: RE: hide sqlplus pwd


@Jared
Some users have access to the scheduler and can see the password pretty easy. 
The user under which tasks are being executed is quite powerful.
I am trying to avoid potential recovery some day.
What I am trying to do is to be able to run our scheduled tasks by running 
something like:
Sqlplusw.exe / @c:\jobs\task1.sql; 
Perhaps every script that I run will contain a wrapped procedure that would 
contain user/pwd and database info. 
 
@Robert
Thanks for the tip. I am not sure, but hope that my users are not that advanced.
 
@Andre
It sounds that what I am trying to do and what you’re talking about is in the: 
http://download.oracle.com/docs/cd/B10501_01/win.920/a95492.pdf
Is that right?
 
 
Regards,
 
Eugene Pipko
Seattle Pacific Industries
office: 253.872.5243
cell: 206.304.7726
P Please consider the environment before printing this e-mail.
 
From:Jared Still [mailto:jkstill@xxxxxxxxx] 
Sent: Friday, October 30, 2009 5:50 PM
To: Eugene Pipko
Cc: oracle-l List
Subject: Re: hide sqlplus pwd
 
 
On Fri, Oct 30, 2009 at 3:22 PM, Eugene Pipko <eugene.pipko@xxxxxxxxxxxx> wrote:
We’re running Oracle 8,9,10 on Windows. Third party scheduler program executes 
scripts against Oracle as:
sqlplusw.exe user/pwd@db @c:\jobs\task1.sql
What are the ways of hiding user/pwd from curious eyes?
 
 
Some clarification on what you are trying to hide might be useful.
 
Are you trying to prevent the passwords from appearing in the scheduled scripts?
 
Or the log files?
 
Or something else?
 
As this is windows, it doesn't really have the ps command available to show
the password.  Even if ps is available, I don't think it shows the password.
 
IAC, more info is needed.
 

Jared Still
Certifiable Oracle DBA and Part Time Perl Evangelist
Oracle Blog: http://jkstill.blogspot.com
Home Page: http://jaredstill.com


      

• References:
  • hide sqlplus pwd
    • From: Eugene Pipko
  • Re: hide sqlplus pwd
    • From: Jared Still
  • RE: hide sqlplus pwd
    • From: Eugene Pipko

Other related posts:

• » hide sqlplus pwd- Eugene Pipko
• » Re: hide sqlplus pwd- Jared Still
• » Re: hide sqlplus pwd- Robert Freeman
• » Re: hide sqlplus pwd- Andre van Winssen
• » RE: hide sqlplus pwd- Eugene Pipko
• » Re: hide sqlplus pwd - David Fitzjarrell
• » Re: hide sqlplus pwd- Jared Still
• » Re: hide sqlplus pwd- Karl Arao
• » hide sqlplus pwd- Reardon, Bruce (RTABBAY)

1. Home
2. oracle-l
3. Archive
4. 10-2009

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---