Solved

masking script argument passing

Posted on 1997-08-15
2
249 Views
Last Modified: 2013-12-26
I have a commercial package that uses a script to initiate a resident process to set up an interface to a database.  This script passes database information (like SID to use for login) as arguments to this process, which all arguments are clearly visible when you do a ps.

The user implementing this script needs more than one instance of this process running, and to do this he also has to additionally supply id and password information as arguments to this program.  This is terribly insecure since anyone who manages to do a ps can see the password.  Can anyone suggest a way to hide this information without having to muck about in the commercial package's programming (since I am not a programmer and don't have access to their source)?
0
Comment
Question by:marlah
2 Comments
 

Author Comment

by:marlah
ID: 1294384
Edited text of question
0
 
LVL 3

Accepted Solution

by:
dhm earned 100 total points
ID: 1294385
You can't hide program arguments and environment variables from everbody on every system type (you *can* do it sometimes, on some systems), but I've never seen a way to do it in a shell script (and certainly not a portable way that works on most or all systems).  The only real way to keep the Username/Password out of the environment and off the command line is to send them directly to the program, when it asks for them.  If you're using a product like Oracle (I'm guessing from your mention of "SID"), then you may be able to put the sensitive information in a script file.  For example, if you wanted to log into SQL*PLUS and execute a query, you could create a file containing:

username/password
select sysdate from dual;
quit

and then run it like this:

$ sqlplus < my-script

You can set the permissions on "my-script" so that only the people who need to use it can read it; others can't see "username" and "password".
0

Featured Post

Find Ransomware Secrets With All-Source Analysis

Ransomware has become a major concern for organizations; its prevalence has grown due to past successes achieved by threat actors. While each ransomware variant is different, we’ve seen some common tactics and trends used among the authors of the malware.

Join & Write a Comment

Suggested Solutions

Title # Comments Views Activity
Include multiple hostnames in this command? 3 51
ShiftLeft challenge 21 66
Fibonacci challenge 11 82
Path of Workbook 3 45
In this article, I'll describe -- and show pictures of -- some of the significant additions that have been made available to programmers in the MFC Feature Pack for Visual C++ 2008.  These same feature are in the MFC libraries that come with Visual …
Introduction: Database storage, where is the exe actually on the disc? Playing a game selected randomly (how to generate random numbers).  Error trapping with try..catch to help the code run even if something goes wrong. Continuing from the seve…
This video will show you how to get GIT to work in Eclipse.   It will walk you through how to install the EGit plugin in eclipse and how to checkout an existing repository.
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

707 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

15 Experts available now in Live!

Get 1:1 Help Now