2 Replies Latest reply on Jul 1, 2013 5:42 AM by Billy~Verreynne

    Help correct code connect to Oracle on Unix system




      A database administrator has used to connect to oracle database on unix operating system by using the following


      $ sqlplus sys/sysPass1@orcl as sysdba 


      What are the big mistakes in the previous method to connect?

        What do you suggest to avoid such mistakes?

        • 1. Re: Help correct code connect to Oracle on Unix system
          Solomon Yakobson

          Anyone who can has access to command history will be able to see sys password. It is suggested to use /nolog:


          $ sqlplus /nolog

          SQL> connect sys/sysPass1@orcl as sysdba



          • 2. Re: Help correct code connect to Oracle on Unix system

            If the intention is to connect to a remote database, then a local internal logon will not work.


            In that case the user can use the TWO_TASK variable to hide the identify of the database from the command line, and only specify the username on the command line - forcing sqlplus to prompt for the password.



            /home/billy> export TWO_TASK=dev1
            /home/billy> sqlplus billy
            SQL*Plus: Release Production on Mon Jul 1 07:35:38 2013
            Copyright (c) 1982, 2011, Oracle.  All rights reserved.
            Enter password: 
            Connected to:
            Oracle Database 11g Enterprise Edition Release - 64bit Production
            With the Partitioning, Real Application Clusters, Automatic Storage Management, Oracle Label Security,
            OLAP, Data Mining, Oracle Database Vault and Real Application Testing options
            Session altered.
            SQL> !ps -fu billy | grep sqlplus | grep -v grep
            billy    32521  2177  0 07:35 pts/8    00:00:00 rlwrap /home/billy/instantclient_11_2/sqlplus billy
            billy    32522 32521  0 07:35 pts/14   00:00:00 /home/billy/instantclient_11_2/sqlplus      


            As you can see, the only details available by looking at the process's command line is the schema name used as logon. No database details. No password details.