sqlplus hide password

Anonymous Monk has asked for the wisdom of the Perl Monks concerning the following question:

I'm trying to hide the password when invoking a sqlplus session from within a perl script. The idea is to present a sqlplus (oracle) session as a certain login so that the person calling the script doesn't know what the password of the login being connected is.
So the caller invokes con.pl and it presents them with a sqlplus prompt having automatically logged them in .
The problem I have is that the resulting login/password information is displayed when using ps
I've seen various other suggestions about overcoming this in shell scripts but not from within perl.

 $login = "a_user";
 $passw = "a_user_pwd";
 $instance = "MYINST";
 $cons = "sqlplus -R 3 '$login/$passw@$server";
 $cons .= " @ARGV";
 $cons =~ s/;/\\;/g;
 exec $cons;
[download]

This works and presents a sqlplus session as login a_user but I can see the password via a ps. I've tried padding out the command with blanks but this doesn't work. This is on unix and the sqlplus session cannot be authenticated via the OS method for various reasons beyond my control.
Does anybody have any ideas about how to overcome this problem ?

Comment on sqlplus hide password Download Code

Replies are listed 'Best First'.
Re: sqlplus hide password by jplindstrom (Monsignor) on Aug 23, 2006 at 11:56 UTC
Not sure this will work, but if you `perldoc -f exec`, you can read a section about letting the program lie about what it's called. Maybe you can give it a try (and please report back here whether it worked or not). Another idea is obviously that if you can do this from within a shell script, do it from within a shell script :) /J	[reply] [d/l]
Re: sqlplus hide password by derby (Abbot) on Aug 23, 2006 at 12:01 UTC
Use DBI instead of forking sqlplus. -derby	[reply]
Re^2: sqlplus hide password by jplindstrom (Monsignor) on Aug 23, 2006 at 13:42 UTC
Uh, a DBI connection doesn't really have the same capabilities as an sqlplus session. Not that it might not solve the OP's problem, but it's hardly the same thing. But if sqlplus' features aren't necessary, there is also DBI::Shell which is pretty nice. /J	[reply]
Re^3: sqlplus hide password by derby (Abbot) on Aug 23, 2006 at 13:45 UTC
sometimes pointing people in the general direction of a solution is better than just giving them the solution ... sometimes -derby	[reply]
Re: sqlplus hide password by BigJoe (Curate) on Aug 23, 2006 at 14:28 UTC
Personally I would ust DBI and build a simple interface. But this really depends on what you are trying to accomplish. DBI can actually do a lot of things that you can do from SQL*Plus. From the example you have here using this option would work pretty well. Otherwise I would try Expect (http://search.cpan.org/~rgiersig/Expect-1.20/Expect.pod). you would pass the username and Database instance and expect would allow you to the then pass the password then any subsequent commands. --BigJoe Learn patience, you must. Young PerlMonk, craves Not these things. Use the source Luke.	[reply]
A reply falls below the community's threshold of quality. You may see it by logging in.