Security for administators of Oracle databases
29/12/2017 11:47
Group, I was wondering how other people have their servers configured when there is more than one DBA working on the server/database.

For example things could be a lax as all DBAs can use the oracle unix account and login with a generic DBA account. Another option would be each admin has their own OS user id and is a member of the DBA group, but also has a Database account with DBA privs. ( which seems redudant because if you are a member of the DBA group you can always connect / as sysdba.

Is one method really better than the other? Scott.

Source is Usenet: comp.databases.oracle.server
Sign in to add a comment

Answer score: 5
29/12/2017 11:47 - On Thu, 5 Jul 2007 15:54:06 -0400, Scott <toomuchspam@noemail.com> Whether *Nix or Windows you can easily disable OS authentication assysdba by sqlnet.authentication_services=(none)in your sqlnet.oraIf you also enable audit_sys_operations on your database, at least youwill be able to see who is executing certain commands.

I admit they are stored in Ascii files in $ORACLE_HOME/rdbms/audit,but it is better than nothing.

IMO, you would need to take it one step further and disable / assysdba.

Actually this is in Arup Nanda's whitepaper 'Project Lockdown' onhttp://otn.oracle.com ¤0.02

Source is Usenet: comp.databases.oracle.server
Sign in to add a comment

Answer score: 5
29/12/2017 11:47 - e ischtn.oracle.com I have a question about yourproposition(sqlnet.authentication_services=3D(none)).

How to secure sqlnet.ora file since every DBA can set TNS_ADMINenvironment variable to another location where she/he has created acustom sqlnet.ora file and uses it to connect as sysdba withoutpassword.

Adrian Angelov

Source is Usenet: comp.databases.oracle.server
Sign in to add a comment

eDiscover
Helpforce eDiscover provides technical articles updated each dayHelpforce eDiscover RSS feed contains the latest technical articles in RSS
Click the logo to go back to the main page
Search eDiscover
  
Categories

Click an icon to go to that category

Helpforce eDiscover contains articles about Microsoft Windows Helpforce eDiscover contains articles about Apple products and MacOS Helpforce eDiscover contains articles about Linux and POSIX operating systems Helpforce eDiscover contains articles about Helpforce Helpforce has a large variety of technical information and articles for you to read Helpforce eDiscover contains articles about databases, MYSQL, SQL Server Oracle Helpforce eDiscover contains articles about Java, JVM and the JRE Helpforce eDiscover contains articles about the QNX operating system Helpforce eDiscover contains articles about Oracle Solaris and Open Solaris Helpforce eDiscover contains articles about RISC OS, Acorn and the BBC Micro Helpforce eDiscover contains articles about Amiga and AmigaOS

Type your comment into the box below