It sounds like the dbas don't want the developer to know the password to Oracle.
If they run the script with sudo or setuid or whatever, what would prevent them from just having the code print out the password that was read from the file?
Re^2: Perl Setuid - Oracle Password Hardcoding
Replies are listed 'Best First'.
Considering that the OP is talking about an application server, it looks to me this is a standard production security policy, not something to pester developers with.
It's not a measure to defend against internal attacks*, but to prevent escalation after an intrusion. Of course, the script should be non-modifiable.
*Although with some effort, it can help to protect against insiders wearing a black hat.