[prev in list] [next in list] [prev in thread] [next in thread] 

List:       freetds
Subject:    Re: [freetds] Proposed patch to datacopy to allow passwords to be read from stdin
From:       Frediano Ziglio <freddy77 () gmail ! com>
Date:       2012-09-16 8:42:44
Message-ID: CAHt6W4cLXJ6NJWEk8V2GJaDvhmCA7rkOXP7WJD_-FMDDmDFUmA () mail ! gmail ! com
[Download RAW message or body]

2012/8/16 PublicMailbox@benslade.com <PublicMailbox@benslade.com>:
> The patch below would permit the datacopy utility to use a dash for the password in \
> the source or destination server parameter to mean "read from standard in".   For \
> example: 
> datacopy -Smyserver/myusername/-/mydatabase/mytable ...
> 
> Upon finding a dash for the password, datacopy would prompt for the password and \
> read it in. 
> Using a dash for a parameter to specify "read from stdin" is a typical style for \
> many Unix/Linux utilities. 
> This feature is needed to prevent the security violation of putting a password on \
> the command line (which makes it visible to ps -f in Unix/Linux).    For batch \
> (non-interactive) jobs in an enterprise environment, this is a mandatory \
> requirement.    Using kerberos might be better, but that's a much harder change. 
> Ben Slade
> DBA @ NCBI.NLM.NIH.gov
> 
> 
> > diff -u datacopy.c.orig datacopy.c
> --- datacopy.c.orig     2011-05-16 04:51:40.000000000 -0400
> +++ datacopy.c  2012-08-16 11:18:55.583213000 -0400
> @@ -246,6 +246,10 @@
> if (!tok)
> return FALSE;
> pdata->spass = strdup(tok);
> +                                        if( strcmp(pdata->spass,"-") == 0 ) {
> +                                          printf("Enter Source Password : ");
> +                                          pdata->spass = gets_alloc();
> +                                        }
> 
> tok = strtok(NULL, "/");
> if (!tok)
> @@ -277,6 +281,10 @@
> if (!tok)
> return FALSE;
> pdata->dpass = strdup(tok);
> +                                        if( strcmp(pdata->dpass,"-") == 0 ) {
> +                                          printf("Enter Destination Password : ");
> +                                          pdata->dpass = gets_alloc();
> +                                        }
> 
> tok = strtok(NULL, "/");
> if (!tok)
> 
> 

Applied (modified).

https://gitorious.org/freetds/freetds/commit/9dc94619e6772b07932172e751f2d2d6ae5417d0

Current code support Kerberos too (see change
https://gitorious.org/freetds/freetds/commit/a8f2145344f1b9017a9453a2ac29467f5e56d58e)


Frediano
_______________________________________________
FreeTDS mailing list
FreeTDS@lists.ibiblio.org
http://lists.ibiblio.org/mailman/listinfo/freetds


[prev in list] [next in list] [prev in thread] [next in thread]

Configure | About | News | Add a list | Sponsored by KoreLogic