When you execute a sqlplus session from a unix command line as such (sqlplus
/) you can see the user name and password by doing a simple ps –ef from the command line. This of course is a serious security violation. One way to avoid this is to allow sqlplus to prompt you for the password.
If you are executing a script (sqlplus / @scriptname.sql) you will be able to do a ps –ef and see it there as well. To avoid this you can imbed a connect string (connect /) into the first line of the sql script you are executing(sqlplus @scritpname.sql).
Another way to do this would be using an OS authenticated user account to execute the sql script (sqlplus / @scriptname.sql).
However, since we use SAS and since SAS does not play well with Oracle’s OS Authentication and requires a username/password you could try it this way:
echo password |sqlplus username @scriptname.sql
Thanks
No comments:
Post a Comment