DSXchange

I have a TRANSFORMER that essentially executes a built up SQL statement. It works....However the log is actually showing my $userid and $passwd as plain text....BAD for SECURITY. the follwing is the derivation in the transfomer

UtilityRunJob("Write_" : DataObjName : "_TEMP",'$userid=': $userid : '|$passwd=': $passwd : "|SQL=": CallJob.SQL :"|Server_Name=" : ServerName : "|Output_Tbl=" : Output_TblName : "|FileName=" : SrcPrefix : CallJob.SOURCE_TBL : "|FieldName=" : CallJob.FIELD : "|RefTblName=" : CallJob.REF_LOC :"|Src_Schema=" : CallJob.SRC_SCHEMA:"|SRC_NAME=":SRC_NAME ,0,0)

the log shows my real username and password. How can I prevent this?

Unfortunately you cannot avoid it when using the method your are using. I suppose you could set and environment variable elsewhere and thenjust use that environmetn variable in your command but, as you rightly observed, security with external calls such as this is rather lax.

I don't recall if the 'source' for that utility is available but I assume it is... you may be able to copy it and create a 'Silent' version, much like there exists one for ExecSH for the exact same reason. Copy it and see about not logging some (or all) of the information you're passing in.

Somebody doing a PORT.STATUS at the "correct" moment would still see the cleartext.

Still... it wouldn't be in the log.