Hiding Database Passwords


A customer called to ask how he can let his users invoke Suprtool to access a database, without allowing them to see the database password. Here is a command file we created to do just that:

    ST.USERCMD:

    anyparm moreinfo=" "
    run suprtool.pub.robelle; &
             parm=8; info= "base mydb.db.acct,1,PASSWD;!moreinfo"
Users should have execute access to this file, but not read access (use MPE/iX's ALTSEC command). They can invoke the file by including a parameter in the Info string:

    st.usercmd use myfile

[Hans Hendriks]

....Back to the Suprtool Q&A Page