Helen Borrie wrote:

> At 06:18 PM 1/05/2005 +1000, you wrote:
>
>>I have found that I can create a database by offering ISC_USER = [owner]
>>rather than SYSDBA.
>>
>>Is there anything special about SYSDBA?
>>
>>Is SYSDBA just a convention
>
>
> SYSDBA is a real user (the server's superuser). It has complete
> destructive rights over all databases, whether it owns them or not.
>
>
>>or is the ISC_USER at database creation
>>time the real dba?
>
>
> I don't really understand the question. ISC_USER and ISC_PASSWORD are
> environment variables that you can set (with caution!!) to the username and
> password respectively that you want to use at the command line. Usually,
> you set them temporarily in your private environment as the SYSDBA and its
> password, in order to do administrative command-line tasks without needing
> to enter them as command-line switches.

Sorry Helen - I wasn't clear enough. I was calling ddl scripts
(actually, empddl.sql downloaded from the apress site and cut into
separate parts) from a bash script which set ISC_USER and ISC_PASSWORD.
I want to put the ddl scripts under version control without including
passwords. The bash script won't be versioned until I figure out how to
make it request the password when it runs. It uses export and those ISC_
vars evaporate when it exits.

So the question relates to using a non-SYSDBA user to create the
database. Alan responded that it is good practice to do so.

Might be asking another question about gsec and those vars later.

Mike