My Oracle Support Banner

FAQ About Database Credentials Disclosed By pin_rel Process (Doc ID 1537948.1)

Last updated on AUGUST 19, 2020

Applies to:

Oracle Communications Billing and Revenue Management - Version 7.3.0.0.0 to 7.5.0.0.0 [Release 7.3.0 to 7.5.0]
Information in this document applies to any platform.

Purpose

FAQ about database credentials disclosed by pin_rel process.

Questions and Answers

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!


In this Document
Purpose
Questions and Answers
 When listing processes (Unix command "ps") running on filesystem while rated usage events are being loaded into database through REL, we can see the sqlldr process executed by pin_rel process is listed along with the database credentials. This might represent a security issue.
 Using of Oracle Wallet functionality is conditioned by using of Advanced Security (ASO) functionality, which is conditioned by additional license purchase. Hereby, why using of standard BRM functionality is conditioned by purchase of additional Oracle license?
 In 7.3 it is not possible to somehow influence security issue with listing visible password in 'ps' list since connection string "userid=USER/PASS@DB" is hardcoded in pin_rel binary file. Is this connection string hardcoded in 7.5 pin_rel?
References


My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.