RE: safe way to store passwords in unix OS

From: Goulet, Richard <Richard.Goulet_at_parexel.com>
Date: Wed, 4 Jan 2012 17:36:45 +0000
Message-ID: <7642C3D639A75E4284658CAA38BF60A40B00AB_at_US-BOS-VEX001.eu.pxl.int>

Question, isn't the use of a wallet a part of the advanced security option???

Richard Goulet
Senior Oracle DBA/Na Team Leader

-----Original Message-----
From: oracle-l-bounce_at_freelists.org [mailto:oracle-l-bounce_at_freelists.org] On Behalf Of Tim Hall Sent: Thursday, December 15, 2011 12:46 PM To: oracledbaquestions_at_gmail.com
Cc: ORACLE-L
Subject: Re: safe way to store passwords in unix OS

Hi.

Secure External Password Store sounds like the safest bet.

http://www.oracle-base.com/articles/10g/SecureExternalPasswordStore_10gR2.php

Cheers

Tim...

On Thu, Dec 15, 2011 at 5:30 PM, Dba DBA <oracledbaquestions_at_gmail.com> wrote:
> This is not exactly an Oracle question, but I am asking it here in
> case someone has solved this. We have alot of jobs that log into our
> Oracle databases. Some of them use ops$oracle accounts. In the future
> we are not allowed to use ops$oracle and need to provide passwords. I
> am trying to find a method, or program/script that allows us to do the following.
> 1. store oracle passwords in unix in a lock box 2. only given
> processes and users can access specific passwords 3.
> program/process/script has customizable logic that only lets specific
> jobs access the password.
> 4. We are mainly using Cron for our jobs, but may be using some other
> job schedulers in the future that have more features.
> 5. you cannot access the passwords from a user account
>
>
> basically you give the password to the script/program, etc and tell it
> which jobs/users can retrieve it. Those jobs call the script/program
> and the program can accurately decide which job gets which password.
>
> This is about all the requirements I have on this. Sorry if this is
> kind of vague.
>
>
> --
> http://www.freelists.org/webpage/oracle-l
>
>

--
http://www.freelists.org/webpage/oracle-l


--
http://www.freelists.org/webpage/oracle-l

Received on Wed Jan 04 2012 - 11:36:45 CST

This message: [ Message body ]
Next message: CRISLER, JON A: "RE: Block corruption again"
Previous message: Timo Raitalaakso: "Re: description of bind variable format"
Next in thread: D'Hooge Freek: "RE: safe way to store passwords in unix OS"
Reply: D'Hooge Freek: "RE: safe way to store passwords in unix OS"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ]

Original text of this message