https://community.hpe.com/t5/operating-system-hp-ux/securing-plain-text-passwords/m-p/2673708#M51529 Have you seen,<BR /><BR />#man setkey<BR />#man makekey<BR />#man crypt<BR />#man encrypt<BR /><BR />-K.Vijay Fri, 01 Mar 2002 06:22:30 GMT K.Vijayaragavan. 2002-03-01T06:22:30Z https://community.hpe.com/t5/operating-system-hp-ux/securing-plain-text-passwords/m-p/2673704#M51525 is there a way to secure plain text passwords in a script that you need to pass a password to an application like a database ? Thu, 28 Feb 2002 18:22:44 GMT https://community.hpe.com/t5/operating-system-hp-ux/securing-plain-text-passwords/m-p/2673704#M51525 Tom Elder 2002-02-28T18:22:44Z https://community.hpe.com/t5/operating-system-hp-ux/securing-plain-text-passwords/m-p/2673705#M51526 Not that I know of. If you really must hardcode an id/password in a script (as for sqlplus connections) make sure that the script itself can be read only by users who already have access to that id. If regular file permissions do not allow the granularity you need, use ACLs. Thu, 28 Feb 2002 18:30:43 GMT https://community.hpe.com/t5/operating-system-hp-ux/securing-plain-text-passwords/m-p/2673705#M51526 Alan Riggs 2002-02-28T18:30:43Z https://community.hpe.com/t5/operating-system-hp-ux/securing-plain-text-passwords/m-p/2673706#M51527 I will look up ACL's in my man pages but I was not aware of their use outside of routers and such. Can you point me in a direction for my research?<BR /><BR />thanks<BR />tom Thu, 28 Feb 2002 19:49:37 GMT https://community.hpe.com/t5/operating-system-hp-ux/securing-plain-text-passwords/m-p/2673706#M51527 Tom Elder 2002-02-28T19:49:37Z https://community.hpe.com/t5/operating-system-hp-ux/securing-plain-text-passwords/m-p/2673707#M51528 Also, be aware that if you log into a database like so:<BR /><BR />sqlplus scott/tiger<BR /><BR />Everybody and their brother on the machine can do a ps -ef and see your password in the process list.<BR /><BR />This works:<BR /><BR />USERID=scott/tiger<BR />sqlplus &lt;<EOF></EOF>$USERID<BR />select sysdate from dual;<BR />EOF<BR /><BR />Your password won't show up on the command line that way. Of course, different applications may have different issues. Thu, 28 Feb 2002 21:15:56 GMT https://community.hpe.com/t5/operating-system-hp-ux/securing-plain-text-passwords/m-p/2673707#M51528 Eric Ladner 2002-02-28T21:15:56Z https://community.hpe.com/t5/operating-system-hp-ux/securing-plain-text-passwords/m-p/2673708#M51529 Have you seen,<BR /><BR />#man setkey<BR />#man makekey<BR />#man crypt<BR />#man encrypt<BR /><BR />-K.Vijay Fri, 01 Mar 2002 06:22:30 GMT https://community.hpe.com/t5/operating-system-hp-ux/securing-plain-text-passwords/m-p/2673708#M51529 K.Vijayaragavan. 2002-03-01T06:22:30Z https://community.hpe.com/t5/operating-system-hp-ux/securing-plain-text-passwords/m-p/2673709#M51530 You might consider to use the OPS$ connect from Oracle.<BR /><BR />Do not know if this helps<BR />Volker Fri, 01 Mar 2002 09:53:05 GMT https://community.hpe.com/t5/operating-system-hp-ux/securing-plain-text-passwords/m-p/2673709#M51530 Volker Borowski 2002-03-01T09:53:05Z https://community.hpe.com/t5/operating-system-hp-ux/securing-plain-text-passwords/m-p/2673710#M51531 Hi,<BR /><BR />If sudo doesn't suit your needs, then use restricted sam.<BR /><BR />Give the script only -r-x------ (chmod 0500) permissions for the owner called eg. sqlmod.<BR /><BR />Subsequently, add this script to sam and configure restricted sam for this script:<BR /><BR />$ sam -r<BR /><BR />A user sqluser1 can thus execute the script from sam without the ability to read the script owned by sqlmod.<BR /><BR />$ /usr/sbin/sam<BR /><BR />Another alternative is to wrap your script in a C program, but this is not foolproof.<BR /><BR />Hope this helps. Regards.<BR /><BR />Steven Sim Kok Leong Fri, 01 Mar 2002 10:01:11 GMT https://community.hpe.com/t5/operating-system-hp-ux/securing-plain-text-passwords/m-p/2673710#M51531 Steven Sim Kok Leong 2002-03-01T10:01:11Z https://community.hpe.com/t5/operating-system-hp-ux/securing-plain-text-passwords/m-p/2673711#M51532 thanks for the help; you have given me several ways to try to implement my task. Wed, 06 Mar 2002 21:42:35 GMT https://community.hpe.com/t5/operating-system-hp-ux/securing-plain-text-passwords/m-p/2673711#M51532 Tom Elder 2002-03-06T21:42:35Z