Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Usenet -> c.d.o.server -> Re: How to hide password on command line in AIX

Re: How to hide password on command line in AIX

From: Michel Cadot <micadot_at_netcourrier.com>
Date: 2000/04/25
Message-ID: <8e4dph$qhb$1@news2.isdnet.net> 






Here's the previous answer from robie


to the same question *you* posted last fall.



It's a program used to launch sqlplus:


/*---------------------------------------------------------------------------+


 |     Copyright (c) 1992 Oracle Corporation Belmont, California, USA      |

 |     All rights reserved         |

+---------------------------------------------------------------------------*/
/*---------------------------------------------------------------------------+


 |   FILENAME             |

 |  hide.c              |

 |   DESCRIPTION            |

 |  Hides arguments for programs on UNIX systems.                        |

 |      Can be used as a program prefix: hide program arguments|

 |      or as a symbolic link.  If this program is not invoked as hide, it|

 |      will hide its arguments and invoke the program name.hide|

 |      The best way to use this is to rename your critical programs to|

 |      program.hide, and create a symbolic link program to hide.|

 |      mv sqlplus sqlplus.hide; ln -s hide sqlplus|

 |      Thus when sqlplus is invoked, its arguments will be hidden|

 |   NOTES             |

 |      This program works by padding 3000 '/' chars in argv[0].  This fools|

 |      all known ps's.  This will reduce the argument capacity of your|

 |      program by 3000 chars.  A good enhancement would be to reduce the|

 |      padding if needed so that no arguments are lost - would require a|

 |      method of determining the max argument size on the system.  Some|

 |      system's provide the E2BIG error on exec.|

 |      There is some performace penalty for using this program, but it is|

 |      minimal because this program is so small - the biggest cost is the|

 |      extra exec required to get this program started.|

 |   HISTORY             |

 |       09/15/92  R Brodersen  Created, based on D Beusee's hideargs()|

 |       09/17/92  D Beusee     Fixed to compile on any system|

+---------------------------------------------------------------------------*/

/*
 * $Header: /local/bin/RCS/hide.c,v 1.6 1992/09/22 22:37:17 dbeusee Exp $
 *
 * $Log: hide.c,v $
 * Revision 1.6  1992/09/22  22:37:17  dbeusee
 * Added exit(1) when cannot execvp the program.
 *
 * Revision 1.5  1992/09/22  11:28:44  dbeusee
 * SOme BSD systems have memset(), so add a #define memset MEMSET to fix
 * compilation errors (like on ultrix).
 *
 * Revision 1.4  1992/09/22  06:34:57  dbeusee
 * BSD systems need memset routine.
 *
 * Revision 1.3  1992/09/22  06:05:13  dbeusee
 * Set JUNK_CHAR to ' ' but force last junk char to '/'.  This looks prettier
 * when doing 'ps'.  Also do not show full path of the program.  Also do not
 * show .hide if prog is a symlink to hide.
 *
 * Revision 1.2  1992/09/22  05:52:26  dbeusee
 * If hide could not execvp the program, give an error message.
 * if hide was invoked with a full path (e.g. /usr/local/bin/hide),
 * do not try to invoke PATH/hide.hide.
 *




 *


 */


#include <stdio.h>
#ifdef SYS5
#include <string.h>
#else
#include <strings.h>
#define strrchr rindex
#define memset MEMSET /* some BSD systems have a memset() */


char *memset();

#endif
#define JUNK_SIZE 80
#define JUNK_CHAR ' '





char arg0buf[4096];


char progbuf[4096];


char errbuf[4096];



int main(argc, argv)


int argc;


char *argv[];


{


    char *name, *base;


    int firstarg;



    if (!(name = strrchr(argv[0], '/')))


        name = argv[0];


    else


        name ++; /* get past '/' */



    firstarg = (!strcmp(name, "hide")) ? 1 : 0;



    if (firstarg && (argc == 1))


    {

        fprintf(stderr, "Usage: hide program arguments\n");
        fprintf(stderr, "   ie: hide sqlplus username/password\n");
        fprintf(stderr, "if hide is not named hide, \
it will execute name.hide (useful as a symbolic link)\n");
        exit(1);




    }



    /* Build program name.  If symbolic link mode, use argv[0] || .hide */
    strcpy(progbuf, argv[firstarg]);


    if (!(base = strrchr(argv[firstarg], '/')))


        base = argv[firstarg];


    else


        base ++; /* get past '/' */


    if (!firstarg) strcat(progbuf, ".hide");



    /* Build arg0 buffer.  First, fill it with junk */
    memset((void *)arg0buf, JUNK_CHAR, JUNK_SIZE);
    arg0buf[JUNK_SIZE-1] = '/'; /* set last char to '/' */
    /* Prepend real program name - so ps can see what prog is running */
    strncpy(arg0buf, base, strlen(base));
    /* Append real program name - so prog can see what prog is running */
    strcpy(arg0buf + JUNK_SIZE, argv[firstarg]);
    /* Assign new arg0 buffer to the argv array */
    argv[firstarg] = arg0buf;



    /* Start the new program with the shifted arguments */
    execvp(progbuf, argv + firstarg);



    sprintf(errbuf, "Could not execvp '%s'", progbuf);
    perror(errbuf);


    exit(1);


}



#ifndef SYS5


char *


memset(s, c, n)


 register char *s;


 register c, n;


{


 register char *p = s;



 while (n-- > 0)


  *s++ = c;



 return (p);


}


#endif /* ifndef SYS5 */


--
Have a nice day
Michel


Kevin <kcheung_at_poboxes.com> a écrit dans le message : 8e4aft$6fl$1_at_du04.oli.hk...
> How can I hide the pasword for using tools like sqlplus on command line in
> AIX ?
>
> For example,
> sqlplus apps/apps_pwd @abc
>
> I've tried to substitute the password with a env. var like
> sqlplus apps/${APP_PWD} @abc
>
> But this does not work in AIX, it shows the value of the variable instead of
> the name of the var when I do a ps -ef
>
> Thanks,
> Kevin
>
>


Received on Tue Apr 25 2000 - 00:00:00 CDT












Original text of this message













  HOME |
  ASK QUESTION |
  ADD INFO |
  SEARCH |
  E-MAIL US