Re: Masking sp_password/sp_addlogin

---

• From: "Carl Kayser" <kayser_c@xxxxxxx>
• Date: Tue, 19 Dec 2006 08:32:35 -0500

---

"Amit" <Amit.Bharadia@xxxxxxxxx> wrote in message
news:1166524143.792387.119260@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

Hi ,

With auditing enabled, with sp_password/addlogin password is displayed
in clear text in audit tables, Since audit tables are system tables we
cannot write trigger on audit table.

Any way to mask the same..?

-Amit

I assume that you are referring to event 38 (exec procedure). In which case
only the login name is stored in extrainfo for sp_addlogin and sp_password.
Now, the MDA tables (i.e., monSysSQLText) are another story - which Sybase
claims to be addressing in a future release.


.

---

• Follow-Ups:
  • Re: Masking sp_password/sp_addlogin
    • From: bret

• References:
  • Masking sp_password/sp_addlogin
    • From: Amit

• Prev by Date: Re: Is there any way to drop an audit table in sybsecurity database ?
• Next by Date: Re: Masking sp_password/sp_addlogin
• Previous by thread: Masking sp_password/sp_addlogin
• Next by thread: Re: Masking sp_password/sp_addlogin
• Index(es):
  • Date
  • Thread

• Security
• UNIX
• Linux
• Coding
• Usenet

• Archive
• About
• Privacy
• Search
• Imprint

newsgroups.derkeiler.com  > Archive  > Comp  > comp.databases.sybase  > 2006-12