$PASSWD showing up in job log as my reAl password

tkmclean · Post by **tkmclean** » Mon Jul 06, 2009 1:58 pm

I have a TRANSFORMER that essentially executes a built up SQL statement. It works....However the log is actually showing my $userid and $passwd as plain text....BAD for SECURITY. the follwing is the derivation in the transfomer

UtilityRunJob("Write_" : DataObjName : "_TEMP",'$userid=': $userid : '|$passwd=': $passwd : "|SQL=": CallJob.SQL :"|Server_Name=" : ServerName : "|Output_Tbl=" : Output_TblName : "|FileName=" : SrcPrefix : CallJob.SOURCE_TBL : "|FieldName=" : CallJob.FIELD : "|RefTblName=" : CallJob.REF_LOC :"|Src_Schema=" : CallJob.SRC_SCHEMA:"|SRC_NAME=":SRC_NAME ,0,0)

the log shows my real username and password. How can I prevent this?

ArndW · Post by **ArndW** » Mon Jul 06, 2009 2:13 pm

Unfortunately you cannot avoid it when using the method your are using. I suppose you could set and environment variable elsewhere and thenjust use that environmetn variable in your command but, as you rightly observed, security with external calls such as this is rather lax.

chulett · Post by **chulett** » Mon Jul 06, 2009 2:19 pm

I don't recall if the 'source' for that utility is available but I assume it is... you may be able to copy it and create a 'Silent' version, much like there exists one for ExecSH for the exact same reason. Copy it and see about not logging some (or all) of the information you're passing in.

ArndW · Post by **ArndW** » Mon Jul 06, 2009 2:21 pm

Somebody doing a PORT.STATUS at the "correct" moment would still see the cleartext.

chulett · Post by **chulett** » Mon Jul 06, 2009 2:24 pm

Still... it wouldn't be in the log.