Re: linux/sqlplus scripting to obscure permissions

  • From: Chris King <ckaj111@xxxxxxxx>
  • To: Oracle-l Digest Users <oracle-l@xxxxxxxxxxxxx>
  • Date: Wed, 14 Oct 2015 15:06:54 +0000 (UTC)

I see a theme here.. internal database code.. PL/SQL to the rescue!  Thanks..
I'll give that a go.

From: "Deas, Scott" <Scott.Deas@xxxxxxx>
To: "ckaj111@xxxxxxxx" <ckaj111@xxxxxxxx>; Oracle-l Digest Users
<oracle-l@xxxxxxxxxxxxx>
Sent: Wednesday, October 14, 2015 10:42 AM
Subject: RE: linux/sqlplus scripting to obscure permissions

#yiv6982908686 #yiv6982908686 -- _filtered #yiv6982908686
{font-family:Helvetica;panose-1:2 11 6 4 2 2 2 2 2 4;} _filtered #yiv6982908686
{font-family:Helvetica;panose-1:2 11 6 4 2 2 2 2 2 4;} _filtered #yiv6982908686
{font-family:Calibri;panose-1:2 15 5 2 2 2 4 3 2 4;} _filtered #yiv6982908686
{font-family:Tahoma;panose-1:2 11 6 4 3 5 4 4 2 4;}#yiv6982908686
#yiv6982908686 p.yiv6982908686MsoNormal, #yiv6982908686
li.yiv6982908686MsoNormal, #yiv6982908686 div.yiv6982908686MsoNormal
{margin:0in;margin-bottom:.0001pt;font-size:12.0pt;}#yiv6982908686 a:link,
#yiv6982908686 span.yiv6982908686MsoHyperlink
{color:blue;text-decoration:underline;}#yiv6982908686 a:visited, #yiv6982908686
span.yiv6982908686MsoHyperlinkFollowed
{color:purple;text-decoration:underline;}#yiv6982908686
span.yiv6982908686EmailStyle17 {color:#1F497D;}#yiv6982908686
.yiv6982908686MsoChpDefault {font-size:10.0pt;} _filtered #yiv6982908686
{margin:1.0in 1.0in 1.0in 1.0in;}#yiv6982908686 div.yiv6982908686WordSection1
{}#yiv6982908686 Chris,   Are you sure you want this controlled directly in
the script?  Would it make more sense to have a package do the work, and the
users have access to execute the package?   If you really do want to use the
script, I would look into Oracle wallets if you want to hide the authentication
of the script from the user, but my preference would be individual login
accounts with access to execute the package (which gives you auditing options
as a result).   Thanks, Scott  

From: oracle-l-bounce@xxxxxxxxxxxxx [mailto:oracle-l-bounce@xxxxxxxxxxxxx]On
Behalf Of Chris King
Sent: Wednesday, October 14, 2015 10:27 AM
To: Oracle-l Digest Users
Subject: linux/sqlplus scripting to obscure permissions   I've written two sql
scripts which can be used to expand a tablespace. The intent is to make these
scripts available to non-DBAs to manage potential off-hours issues.   
Because the scripts will be run by non-DBAs, I would like to modify them such
that the user will not have direct passwords or database permissions, but just
permission to execute the scripts. i.e. the scripts will handle all permission
issues.   I'm having trouble finding the details of how to do this both on the
linux and oracle side of things. So far for Oracle, I've found the externally
identified type accounts, but I'm concerned that this may not be secure. And
for scripting on linux, I'm at a loss.   Could someone point me in the right
direction?   Many thanks!     Notice of Confidentiality: **This E-mail and
any of its attachments may contain
Lincoln National Corporation proprietary information, which is privileged,
confidential,
or subject to copyright belonging to the Lincoln National Corporation family of
companies. This E-mail is intended solely for the use of the individual or
entity to
which it is addressed. If you are not the intended recipient of this E-mail,
you are
hereby notified that any dissemination, distribution, copying, or action taken
in
relation to the contents of and attachments to this E-mail is strictly
prohibited
and may be unlawful. If you have received this E-mail in error, please notify
the
sender immediately and permanently delete the original and any copy of this
E-mail
and any printout. Thank You.**

Other related posts: