Chris,
Are you sure you want this controlled directly in the script? Would it make
more sense to have a package do the work, and the users have access to execute
the package?
If you really do want to use the script, I would look into Oracle wallets if
you want to hide the authentication of the script from the user, but my
preference would be individual login accounts with access to execute the
package (which gives you auditing options as a result).
Thanks,
Scott
From: oracle-l-bounce@xxxxxxxxxxxxx [mailto:oracle-l-bounce@xxxxxxxxxxxxx] On
Behalf Of Chris King
Sent: Wednesday, October 14, 2015 10:27 AM
To: Oracle-l Digest Users
Subject: linux/sqlplus scripting to obscure permissions
I've written two sql scripts which can be used to expand a tablespace. The
intent is to make these scripts available to non-DBAs to manage potential
off-hours issues.
Because the scripts will be run by non-DBAs, I would like to modify them such
that the user will not have direct passwords or database permissions, but just
permission to execute the scripts. i.e. the scripts will handle all permission
issues.
I'm having trouble finding the details of how to do this both on the linux and
oracle side of things. So far for Oracle, I've found the externally identified
type accounts, but I'm concerned that this may not be secure. And for scripting
on linux, I'm at a loss.
Could someone point me in the right direction?
Many thanks!
Notice of Confidentiality: **This E-mail and any of its attachments may contain
Lincoln National Corporation proprietary information, which is privileged,
confidential,
or subject to copyright belonging to the Lincoln National Corporation family of
companies. This E-mail is intended solely for the use of the individual or
entity to
which it is addressed. If you are not the intended recipient of this E-mail,
you are
hereby notified that any dissemination, distribution, copying, or action taken
in
relation to the contents of and attachments to this E-mail is strictly
prohibited
and may be unlawful. If you have received this E-mail in error, please notify
the
sender immediately and permanently delete the original and any copy of this
E-mail
and any printout. Thank You.**
