Unix script security

By mevreugd
Jul 7, 2007
Topic Status:
Not open for further replies.
  1. I'm using an excellent script from R. H. Reepe for accessing accounts, but need a security line, that fits the script. Any suggestions? Thx in advance;)
    Her's the script

    Arg_1 = Requested Account Name (coded string)
    # Arg_2 = Calling Script Name ($0)
    # Arg_3 = [Calling PID (for uniqueness)]
    {

    _audit_log=$ORACLE_LOG/oracle_audit_trail.log
    if [ "$1" = "" ]
    then
    echo "Error in $0 : No coded string provided"
    echo "Oracle Connection Refused"
    exit 1
    fi
    if [ "$2" = "" ]
    then
    echo "Error in `s_prog` : No calling script_name provided for"
    echo "Subroutine s_access_account - Oracle Connection Refused"
    echo "Attempt to Crack Security made by $USER at `date`" >> $_audit_log
    echo "From terminal $TERM (`tty`) using script `s_prog`" >> $_audit_log
    exit 2
    fi
    _pid=${3:-""}
    _timestamp=`s_timestamp`
    _script_type=`dirname $2`
    _script_type=`basename $_script_type`
    _script_name=`basename $2`
    if [ "$_script_type" = "." ]
    then
    _script_type=`pwd`
    _script_type=`basename $_script_type`
    _script_name=`s_prog`
    fi
    account=`/usr/5bin/echo "$1\c" | $DECODE`
    /usr/5bin/echo "export account" > $account_string"$_pid"
    /usr/5bin/echo "account=$account\c" >> $account_string"$_pid"
    . $account_string"$_pid"
    _name=`echo "$account" | tr '/' ' ' | cut -f1-1 -d\ `
    echo "$_timestamp Oracle connecting as $_name from $_script_type $_script_name" >>
    $_audit_log
    s_delete_account $_pid & > /dev/null 2>&1
    return 0
    }
  2. jobeard

    jobeard TS Ambassador Posts: 13,040   +223

    what do you mean by 'security line'? Do you wish to verify that only authorized users
    may invoke(run) the script?

    the Oracle login will succeed or fail normally so what's your concern?

    btw, there are other means to access Oracle, so this usage is marginal anyway.
Topic Status:
Not open for further replies.


Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...


Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.