This is the mail archive of the cygwin mailing list for the Cygwin project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

Security Warning: Re: Behaviours of Terminal Versus Script when using "<<"

From: Thomas Wolff <towo at towo dot net>
To: cygwin at cygwin dot com
Date: Wed, 15 Sep 2010 21:47:13 +0200
Subject: Security Warning: Re: Behaviours of Terminal Versus Script when using "<<"
References: <29720777.post@talk.nabble.com>

Am 15.09.2010 19:18, schrieb delbydev:

Hello
Have hunted all over for this one but it seems no one else has reported the
issue - maybe because they don't use the feature or there is something awry
with my installation

I write scripts that dart in and out of databases

I bind my Oracle connection string into a number of variables in my .profile

ORACLE_HOME='c:\\Oracle\\product\\11.2.0\\dbhome_2' export ORACLE_HOME
mydbconn="${ORACLE_HOME}\\bin\\sqlplus -s mydbuser/mydbpass@mydbhost" export
mydbconn

so when I want to dart into the database - I perform the following from the
terminal command line
${mydbconn}
...

Not answering your question (others did), but be aware: It is a very, very bad idea in general to place a password on the command line because every user on your machine can see your password. Do this on your home machine for testing only. ------ Thomas

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple

Follow-Ups:
- Re: Security Warning: Re: Behaviours of Terminal Versus Script when using "<<"
  - From: delbydev

References:
- Behaviours of Terminal Versus Script when using "<<"
  - From: delbydev

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]