Solved

masking script argument passing

Posted on 1997-08-15
2
277 Views
Last Modified: 2013-12-26
I have a commercial package that uses a script to initiate a resident process to set up an interface to a database.  This script passes database information (like SID to use for login) as arguments to this process, which all arguments are clearly visible when you do a ps.

The user implementing this script needs more than one instance of this process running, and to do this he also has to additionally supply id and password information as arguments to this program.  This is terribly insecure since anyone who manages to do a ps can see the password.  Can anyone suggest a way to hide this information without having to muck about in the commercial package's programming (since I am not a programmer and don't have access to their source)?
0
Comment
Question by:marlah
2 Comments
 

Author Comment

by:marlah
ID: 1294384
Edited text of question
0
 
LVL 3

Accepted Solution

by:
dhm earned 100 total points
ID: 1294385
You can't hide program arguments and environment variables from everbody on every system type (you *can* do it sometimes, on some systems), but I've never seen a way to do it in a shell script (and certainly not a portable way that works on most or all systems).  The only real way to keep the Username/Password out of the environment and off the command line is to send them directly to the program, when it asks for them.  If you're using a product like Oracle (I'm guessing from your mention of "SID"), then you may be able to put the sensitive information in a script file.  For example, if you wanted to log into SQL*PLUS and execute a query, you could create a file containing:

username/password
select sysdate from dual;
quit

and then run it like this:

$ sqlplus < my-script

You can set the permissions on "my-script" so that only the people who need to use it can read it; others can't see "username" and "password".
0

Featured Post

Live: Real-Time Solutions, Start Here

Receive instant 1:1 support from technology experts, using our real-time conversation and whiteboard interface. Your first 5 minutes are always free.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Need to retreive data from .TFS file exported by DVR 8 195
Expand macro to ask for filename column 8 37
List out all word 7 289
matchUp  challenge 6 60
Introduction: Displaying information on the statusbar.   Continuing from the third article about sudoku.   Open the project in visual studio. Status bar – let’s display the timestamp there.  We need to get the timestamp from the document s…
Introduction: Dialogs (2) modeless dialog and a worker thread.  Handling data shared between threads.  Recursive functions. Continuing from the tenth article about sudoku.   Last article we worked with a modal dialog to help maintain informat…
This video will show you how to get GIT to work in Eclipse.   It will walk you through how to install the EGit plugin in eclipse and how to checkout an existing repository.
Windows 10 is mostly good. However the one thing that annoys me is how many clicks you have to do to dial a VPN connection. You have to go to settings from the start menu, (2 clicks), Network and Internet (1 click), Click VPN (another click) then fi…

785 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question