From: "David Robillard" <david.robillard@gmail.com>
To: "FreeBSD Questions" <freebsd-questions@freebsd.org>
Cc: Dak Ghatikachalam
Date: Thu, 15 Feb 2007 13:44:29 -0500
Subject: Re: Ksh Shell script security question.
Message-ID: <226ae0c60702151044p547880b7mfd52d48567a704fb@mail.gmail.com>

> I am puzzled how to secure this code when this shell script is
> being executed.
>
> # /nolog and the "<<EOF | tee -a ${RESTOREFILE}" part of the next line were lost
> # in extraction and are restored here from the reply below so the script runs
> ${ORACLE_HOME}/bin/sqlplus -s /nolog <<EOF | tee -a ${RESTOREFILE}
> connect system/ugo8990d
> set heading off
> set feedback off
> set pagesize 500
> select 'SCN_TO_USE | '||max(next_change#) from V\$LOG_HISTORY;
> quit
> EOF
>
> When I run this code from a shell script in the /tmp directory it spews
> a file called /tmp/sh03400.000 in which I have this entire code visible.

Hi Dak,

The reason you can see the code in ${RESTOREFILE} is the tee command. With `tee -a` you're actually asking to have the code installed in ${RESTOREFILE}.

Now, one way to secure this is to set a restrictive umask at the start of the script. For example, setting `umask 0077` will cause your script to generate files which will only be read/write for the user who runs the script. But the files will still have your username/passwd in them.

To remove the username/passwd from the files, may I suggest you change your code to include the username/passwd in the sqlplus command. Like this for example:

export ORACLE_SID="your_oracle_sid"
# sqlplus takes its options (-s) before the logon string
sqlplus -s "${USERNAME}/${PASSWORD}" <<-EOF | tee -a ${RESTOREFILE}
set heading off
set feedback off
set pagesize 500
select 'SCN_TO_USE | '||max(next_change#) from V\$LOG_HISTORY;
quit
EOF

This will still generate a file, but the username/password won't be there. Of course, that means you need to hide your credentials in an encrypted file elsewhere on your machine. You can then set up code that will check the md5 sum of the password file and use something like OpenSSL or GPG to encrypt/decrypt the file.

Have fun,

David
--
David Robillard
UNIX systems administrator & Oracle DBA
CISSP, RHCE & Sun Certified Security Administrator
Montreal: +1 514 966 0122
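As an added example (not Dak's or David's code), here is the layout David describes with the two checks a practitioner would want around it: the script refuses a credentials file that anyone but its owner can read, and after the run it verifies that the password did not land in the tee'd file and that the file came out owner-only under the umask. The `sqlplus` stand-in function, the constructed SCN it prints, and the names CREDFILE/RESTOREFILE are assumptions so the example runs without a database.

```shell
#!/bin/sh
# Added example, not code from the thread. CREDFILE holds one line "user/password"
# with mode 0600; RESTOREFILE is the tee'd report. Both names are assumptions.

umask 0077   # every file this script creates (tee output, ksh temp files) is owner-only

# Stand-in for ${ORACLE_HOME}/bin/sqlplus so the example runs with no database:
# like the real one it reads the SQL from stdin, and it prints a constructed SCN line.
sqlplus() {
    cat >/dev/null
    echo "SCN_TO_USE | 123456"
}

# True only if the file is readable/writable by its owner alone (-rw-------).
# ls -l is used because stat(1) flags differ between FreeBSD and Linux.
file_is_private() {
    mode=$(ls -l "$1" | cut -c1-10)
    case "$mode" in
        ?rw-------) return 0 ;;
        *)          return 1 ;;
    esac
}

# Run the SCN report with credentials read from CREDFILE instead of written into the
# here-document, appending the output to RESTOREFILE as in the original script.
# Returns 1 if CREDFILE is too open, 2 if the password shows up in RESTOREFILE,
# 3 if RESTOREFILE is not owner-only, 0 otherwise.
run_scn_report() {
    credfile=$1
    restorefile=$2
    file_is_private "$credfile" || return 1
    read -r creds < "$credfile"
    # The logon is still passed as an argument (David's form), so it is visible in
    # ps output to other local users while sqlplus runs; an Oracle secure external
    # password store avoids that where it matters.
    sqlplus -s "$creds" <<EOF | tee -a "$restorefile" >/dev/null
set heading off
set feedback off
set pagesize 500
select 'SCN_TO_USE | '||max(next_change#) from V\$LOG_HISTORY;
quit
EOF
    password=${creds#*/}
    if grep -qF "$password" "$restorefile"; then return 2; fi
    file_is_private "$restorefile" || return 3
    return 0
}
```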