Due to Oracle 9.0.2 removing the connect internal option, I have about thirty broken scripts which do things such as backups, object compiles and such.
The change on the scripts is easy, just hard code a user id and password into the script.
This is in my opinion a maintenance nightmare and a security hazard, even if permissions are tight on the scripts. Its important that the oracle binary owners password not be just sitting around.
I came up with a scheme to store these passwords in a file in /etc/ that is locked down nice and tight. The permissions would be read only owned by oracle. No other groups or users would get access.
Thats okay, but if for some reason someone gets the file, they've got the oracle password.
I have never had to write a script to encrypt data. Its just never come up, here or on any of my consulting gigs. We have a couple of older scripts that do this, but they became non-functional as part of the 11i upgrade. I'm not sure why.
So, I'm looking for a simple way to encrypt the data in my little password file so that if sonmeone gains access to the file they get garbage.
So, I'm turning to itrc for some a script stub that does the job and improves security a bit.
I'm also open to opinions as to better ideas on how to handle this.
Our system has strong random number encryption/generation and a good variety of security programs.
Note: I will get to my congrats thread, I just want to compose a thoughtful message and thank everyone for their greetings.
Thanks.
As always, points for all participants, bunnies for workable answers. I will try and test these ideas today.
SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
