Quote:
Originally Posted by
k1ko
yes i finally got it working and just realized this. Is there anyway to keep it safe and still be able to pass it to sqlplus within a shell script?
You may want to set up circumstances wherein this one, specific user can login this one, specific way without a password. Or some sort of noninteractive login method, if applicable. If and how this can be done varies by DBMS.
If this isn't applicable it is much better to write the password to a pipe than to write it to a file or to pass it as a commandline parameter. If this means writing to a password prompt that insists on a TTY, the
expect tool may be able to help you...
Quote:
I guess one positive is that the password isn't just hard coded in my param file anymore...
No, just the parameters for using your cryptovault... If your shell script can use the cryptovault noninteractively, what's stopping anyone else from doing so?