-
Solaris 7
Oracle 8.1.7.1.0b
sqlldr.
Every day I load a very large number of text files using sqlldr. My probelmat the moment is security.
When I connect to oracle for batch jobs outside sqlldr, I use the following.
In my unix script.sh
USER="user"
PASS="pass"
COM2="connect $USER/$PASS"
COM3="sqlplus /nologon"
$COM3 <
$COM2
select * from dual;
ESQL
Then in UNIX if I do a
/usr/ptree/bin/proc
I can find the process and I CAN'T see the password. This is good.
Sqlldr on the other hand
USER="user"
PASS="pass"
COM="sqlldr $USER/$PASS"
$COM $CONTROL/data.ctl DATA=data.txt DIRECT=TRUE
I can't use the /nologon. And when I do a /usr/ptree/bin/proc I can see the user/pass, which to me is very disturbing. Any ideas what I can do?
Cheers,
OCP 8i, 9i DBA
Brisbane Australia
-
How about using a parameter file containing the userid
-amar
-
Hello,
What abour using an oracle user identified by you OS...
and so, you will have :
COM="sqlldr /"
$COM $CONTROL/data.ctl DATA=data.txt DIRECT=TRUE
Hope this helps
Regards
-
Originally posted by amar
How about using a parameter file containing the userid
-amar
I have tried this, it works if the userid/password@tns is static, when I was doing this it was dynamic so using shell variables wasnt possible (at least no on Tru64), try pass the password from a file to sql loader, I think it hides the password
Somthing like
Code:
echo ${DESPWD} > /tmp/zeratul
sqlldr userid=${DESUSER}@${DESTNS} parfile=${SQLLDRCTLDIR}/sqlldr_${PATRON2}.par < /tmp/zeratul > ${SQLLDRLOGDIR}/sqlldr_${PATRON1}.log 2>> ${SQLLDRLOGDIR}/sqlldr_${PATRON1}.log
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
Click Here to Expand Forum to Full Width
|