masking script argument passing

I have a commercial package that uses a script to initiate a resident process to set up an interface to a database.  This script passes database information (like SID to use for login) as arguments to this process, which all arguments are clearly visible when you do a ps.

The user implementing this script needs more than one instance of this process running, and to do this he also has to additionally supply id and password information as arguments to this program.  This is terribly insecure since anyone who manages to do a ps can see the password.  Can anyone suggest a way to hide this information without having to muck about in the commercial package's programming (since I am not a programmer and don't have access to their source)?
marlahAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

marlahAuthor Commented:
Edited text of question
0
dhmCommented:
You can't hide program arguments and environment variables from everbody on every system type (you *can* do it sometimes, on some systems), but I've never seen a way to do it in a shell script (and certainly not a portable way that works on most or all systems).  The only real way to keep the Username/Password out of the environment and off the command line is to send them directly to the program, when it asks for them.  If you're using a product like Oracle (I'm guessing from your mention of "SID"), then you may be able to put the sensitive information in a script file.  For example, if you wanted to log into SQL*PLUS and execute a query, you could create a file containing:

username/password
select sysdate from dual;
quit

and then run it like this:

$ sqlplus < my-script

You can set the permissions on "my-script" so that only the people who need to use it can read it; others can't see "username" and "password".
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
System Programming

From novice to tech pro — start learning today.