So like I alluded to before, this will be a technical post, of interest only to people running linux and wanting to see some basic shell scripting. ( You've been warned )
One thing you will want to be careful of is that using the password as an argument will make the password available via ps to other users on the machine. This will also potentially make them visible in .history files. Similiarly, on several *nix variants users are able to see the environments of processes which are not owned by them. It may be safer to write a shell function which extracts the password for the appropriate db instance from the .servername_pwds and pipes it in via stdin.
Most of the machines I work at have 1 user ever on there (root and/or oracle) and no other users, but what you're suggesting is good security practice.
Comments 4
Reply
I'll try to work up a follow up post - thanks!
Reply
Reply
Reply
Leave a comment