Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Encrypting or maksing password in cron
Operating Systems Solaris Encrypting or maksing password in cron Post 302909736 by jim mcnamara on Friday 18th of July 2014 05:32:30 PM
Old 07-18-2014
Assuming you correctly stated the security requirement, the person(s) who created the requirement know very little about UNIX. Period. Sounds like a management decision.

root owns or can own everything ,or can gain access to all devices, process memory, etc.

Solaris Example pargs -e pid lets root see any environment variable in any process. Period. No limits nothing.

The only way to implement this securely is to change the root password, give it to you only, and remove any privileges granted in Solaris RBAC (/etc/user_attr ) from the persons who had root. And hope you are a great sysadmin. Based on your question - please do not consider doing this. You are not ready.
This User Gave Thanks to jim mcnamara For This Post:
rbatte1
 

10 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

encrypting Unix flatfile

Hi, I am new to unix. I have a flat file that needs to be pgp encyrpted in ASCII format and ftped in Ascii format to remote location. Can any one tell me the steps involved in the pgp encryption of the unix file. I will really appreciate if any one can help me with the pgp encryption shell... (1 Reply)
Discussion started by: rkumar28
1 Replies

2. Shell Programming and Scripting

Encrypting a password for shell script

All, I want to encrypt a database system administration password into a file or environment variable. Then, I want to decrypt the password from the file or environment variable so nobody sees the clear text password. For example, I have the database password of developement. I need to... (1 Reply)
Discussion started by: bubba112557
1 Replies

3. AIX

Encrypting password

I have a strange question for someone regarding the AIX 5.2 environment. Here is the scenerio: I have a script that is running a menu full of options. 1. I like food 2. I don't like food Enter Option:_ Enter userID:_ Enter Password:_ (The menu is conversational only so go with me on... (6 Replies)
Discussion started by: Justman
6 Replies

4. UNIX for Advanced & Expert Users

encrypting files in ksh

I have an ascii file that I want to encrypt and save. I have seen this done before, but cannot remember how, nor can I find anything in any of my manuals or online help. Any ideas how to do this? Thanks, Henry (6 Replies)
Discussion started by: hwollman53
6 Replies

5. Solaris

Encrypting a script......

Hiiiiii..... every one..... I have written a script, and i want to make that script confidential.So that, only i can see that script. I am using " crypt " command in solaris 9, to encrypt that script.But when i am executing this... (6 Replies)
Discussion started by: prashantshukla
6 Replies

6. Shell Programming and Scripting

Encrypting the login password on Solaris 10

Hi, Could you pls. help me in encryting a database password on Solaris 10 Box. eg : username : test password : t est123 The request is to encrypt the test123 so that no one can understand the what the password is ? thanks (7 Replies)
Discussion started by: krackjack
7 Replies

7. Shell Programming and Scripting

Encrypting the password

Iam using the teradata... and running the scripts in unix, I wan to encrypt the teradata password in Unix... my hostname is : bprod usename: KRN777 passwrd: passwrd can ant one tell me the exact command to encrypth the passwrd.... thanks, (5 Replies)
Discussion started by: nani1984
5 Replies

8. Shell Programming and Scripting

Encrypting password

Hello All, I need to accept a password from the user and validate it, without having to hard-code it anywhere. Any ideas? (3 Replies)
Discussion started by: optimus_1
3 Replies

9. Shell Programming and Scripting

Help needed regarding cron job scheduler with CyberArk Password security

Hi All, I have a script which will restart some web server and bring it up again. For that I need to retrieve 3 password from CyberArk (Cyber-Ark - Wikipedia, the free encyclopedia) vault. My question is: Is this possible to schedule the script through cron and automatic password... (0 Replies)
Discussion started by: saps19
0 Replies

10. High Performance Computing

Encrypting interconnect

Hi, i've got a qusetion regarding interconnect of compute nodes. In our company we are running a Simulation Cluster which is administrated by the Simulation department. Now our central IT requires to encrypt the interconnect of the compute nodes. Does anybody in that business encrypt... (3 Replies)
Discussion started by: fiberkill
3 Replies

LEARN ABOUT HPUX

chroot

chroot(2)							System Calls Manual							 chroot(2)

NAME

       chroot() - change root directory

SYNOPSIS

DESCRIPTION

       causes  the named directory to become the root directory, the starting point for path searches for path names beginning with path points to
       a path name naming a directory.	The user's working directory is unaffected by the system call.

       The entry in the root directory is interpreted to mean the root directory itself.  Thus, cannot be used to access files outside the subtree
       rooted at the root directory.

   Security Restrictions
       The effective user ID of the process must be a user with the privilege to change the root directory.

       See privileges(5) for more information about privileged access on systems that support fine-grained privileges.

RETURN VALUE

       returns the following values:

	      Successful completion.
	      Failure.
		     is set to indicate the error.

ERRORS

       fails and the root directory remains unchanged if one or more of the following is true:

	      Any component of the path name is not a directory.

	      The named directory does not exist or a component of the
			     path does not exist.

	      The effective user
			     ID is not a user who has the privilege.

	      path	     points  outside  the  allocated address space of the process.  The reliable detection of this error is implementation
			     dependent.

	      The length of the specified path name exceeds
			     bytes, or the length of a component of the path name exceeds bytes while is in effect.

	      Too many symbolic links were encountered in translating the path
			     name.

WARNINGS

   Obsolescent Interfaces
       is to be obsoleted at a future date.

SEE ALSO

       chroot(1M), chdir(2), privileges(5).

STANDARDS CONFORMANCE

								  TO BE OBSOLETED							 chroot(2)
All times are GMT -4. The time now is 08:15 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy