sp_RestoreDatabase and ADSSYS password
https://stackoverflow.com/questions/12059983
-
27-06-2021 - |
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianQuestion
To restore a database using the procedure SP_RESTOREDATABASE or AdsBackup utility, you need to provide the ADSSYS password as a parameter. We have secured our database using encryption and access is resctrited to specific users. But anyone using Data Architect can retrieve the ADSSYS password while the restore is taking place in the ACTIVE QUERIES tab under the Remote Server Info/Advantage Management Utility. The password appears as clear text. If query logging was enabled, I suppose it would be available in the log as well.
Is there a way to prevent a query from being shown in the log or the active queries window?
Solution
You should use a parameterized query. In that case, the parameter values will not be visible:
execute procedure sp_restoredatabase( :backuploc, :password, :restoreloc, null );
Then supply the values for the parameters backuploc, password, and restoreloc.
Note too that v11.0 restricts the visibility of that information in general. It requires a DB:Admin connection to a dictionary in order to view any statements executed on that dictionary.
