oracle passwords in configuration files

albeit not a DBA or developer myself, reading some security articles, it is not uncommon to find oracle DB passwords plain text within files on a servers file system. What kind of files would contain such passwords, are they those relating to the application? Do they need to be plain text or can they be protected by any other means?
LVL 3
pma111Asked:
Who is Participating?

[Webinar] Streamline your web hosting managementRegister Today

x
 
Geert GruwezConnect With a Mentor Oracle dbaCommented:
typically batch files on servers may contain passwords
it's also typical to only allow certain people on those servers

there is pro and con in every which way you store passwords
0
 
SurranoConnect With a Mentor System EngineerCommented:
I find this question too generic.
Oracle surely doesn't store its own passwords in plain text files; at least not since 10g.
Where apps store the passwords they need has nothing to do with Oracle. Some examples from our projects:
- some scripts store encrypted user/password pairs in a config file.
- Services running in JBoss AS access a self-developed "password safe" that contains encrypted account info not only for Oracle but all various kinds of secure identification, e.g. external systems etc.
- We have an admin user that performs changes in Oracle RDBMS if needed by a software update but its password is not stored anywhere; customers are free to change it as they wish. We simply reset it to "our little secret" password for the duration of the software update and otherwise only Customer knows what's the active password of the admin user.
0
 
pma111Author Commented:
can you give a beginners guide to what batch files actually do to the database, what they are used for? And what file extension they have?
0
 
Geert GruwezOracle dbaCommented:
dos ... just plain old dos ... it still exists
http://en.wikipedia.org/wiki/MS-DOS

a batch file is just a way to start a program (and automate certain tasks)
> extension .bat or .cmd on windows

you can do anything with it
create the database, run reports, change items, destroy the database
0
 
slightwv (䄆 Netminder)Connect With a Mentor Commented:
>>can you give a beginners guide to what batch files actually do to the database, what they are used for? And what file extension they have?

Sorry, nope.  As mentioned above:  They can do anything and everything.  That is sort of like asking for what typically can be done with a program written in C++.

Basically, Bat/Script files are just another form of programming language.

This is further complicated in Unix.  A shell script really doesn't need to have a file extension.

>> extension .bat or .cmd on windows

There is at least one other one in Windows, PS1 for PowerShell scripts.


Also mentioned above:  There is an infinite number of applications that can store config/account information in text file.  That is up to the developer of the program and can typically only be controlled if the developer works for you or you company has influence over the product.
0
All Courses

From novice to tech pro — start learning today.