Subject: ConText - Disabling Passwords From Showing
Jeremy,
I looked through the docs and did some testing regarding the ConText servers.
It looks like you CAN prevent passwords from appearing in the "ps" command.
However, you still need to hard-code this in a file (which you can set the
properties to 400 to prevent non-Oracle users from viewing).
The "ctxctl" command needs a password as well. According to the docs, "The first
time you type the start command for a ctxctl session, ConText prompts you to
enter the password for the ConText administrator (CTXSYS)." Also, since the
"ctxctl" command cannot specify a logfile, it is better to use the "ctxsrv"
command.
Normally, the username and password show with ps:
oracle 14212 13191 0 13:58:25 pts/4 0:00 ctxsrv -user ctxsys/ctxsys
-logfile /usr/local/oracle/admin/SSTEST/bdump/ctx.lo
The example below shows how to hide the password from "ps:"
There are two files, "start_ctx" and "pword.txt":
start_ctx
---------
ctxsrv -log $ORACLE_BASE/admin/$ORACLE_SID/bdump/ctx.log < $PATH/pword.txt &
pword.txt
---------
CTXSYS/ctxsys
Be sure to change $PATH in the "start_ctx" script to indicate where the
pword.txt file resides. This way cronjobs and startup scripts know where
to find the password file.
After starting the server with the "start_ctx", the "ps" command looks
like the following:
oracle 14426 1 0 15:29:47 pts/1 0:00 ctxsrv -log
/usr/local/oracle/admin/SSDEV/bdump/ctx.log
-Ari
Back to Ari Kaplan's Home Page