Highlighted

cfexecute security issue

Advisor ,
Mar 18, 2019

Copy link to clipboard

Copied

Hi All,

I have the next command cfexecute in CF11

<cfexecute name="#app_dir#resources\oracle_instantclient\sqlldr.exe" timeout="10"

                        arguments='userid=sampleDB/\"mypass\"@//10.230.44.7:1521/sampleDB control=#app_dir#upload\importME.ctl log=#app_dir#upload\importME.log'

                        errorVariable="errorReport">

                    </cfexecute>

The sql loader is working but I have an issue with security because i am including the DB password in my cfc page.

Is there a way to use the CF admin data source Oracle connection here? Or

Is there a way to encrypt the password in the cfexecute?

Thanks

Johnny

Views

137

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more

cfexecute security issue

Advisor ,
Mar 18, 2019

Copy link to clipboard

Copied

Hi All,

I have the next command cfexecute in CF11

<cfexecute name="#app_dir#resources\oracle_instantclient\sqlldr.exe" timeout="10"

                        arguments='userid=sampleDB/\"mypass\"@//10.230.44.7:1521/sampleDB control=#app_dir#upload\importME.ctl log=#app_dir#upload\importME.log'

                        errorVariable="errorReport">

                    </cfexecute>

The sql loader is working but I have an issue with security because i am including the DB password in my cfc page.

Is there a way to use the CF admin data source Oracle connection here? Or

Is there a way to encrypt the password in the cfexecute?

Thanks

Johnny

Views

138

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Mar 18, 2019 0
Advisor ,
Mar 19, 2019

Copy link to clipboard

Copied

FYI, I found a solution passing parameter as parfile.

preventing password leakage with SQL*Loader

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
Mar 19, 2019 0