Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Mailing Lists -> Oracle-L -> RE: Disabling access of third party products

RE: Disabling access of third party products

From: Jared Still <jkstill_at_bcbso.com>
Date: Thu, 6 Jul 2000 10:20:14 -0700 (PDT)
Message-Id: <10550.111359@fatcity.com> 





Larry,



We've considered that method, and I believe one app
here actually uses it.



There is however a risk there that you need to be
aware of.



The application name can easily be spoofed in one
of 2 ways:



    
  
  1.   rename an executable that connects to the database
  
  2.   register the app name via DBMS_APPLICATION_INFO.







Jared



On Wed, 5 Jul 2000, Larry G. Elkins wrote:



> Bruce,

> 

> That is one of the things that I have been thinking about, and, was crossing

> my mind when I made the reply. I originally had it in there as a

> possibility; but, since I hadn't done it before, I left it out (I have 8.1.6

> here at home; but, the current production environment I work in is 7.3.4.5).

> I was trying to be as brief as I could (for me anyway); but, I *had* a

> question in there at the end, before severely cutting down the response,

> asking if anyone had tried the approach with a LOGON trigger determining the

> tool. I can be soooo wordy and want to explain everything that I find myself

> composing 3 page replies to a simple question. I then edit everything down

> to just those things that I know and can easily explain. And even then I

> make mistakes and provide a long reply (like this one).

> 

> Thanks for bringing that up because it is something that I have wondered

> about; but, never had the chance to try. It seems like a really good idea. I

> would like to hear if other people have used the LOGON trigger approach for

> this purpose.

> 

> Regards,

> 

> Larry G. Elkins

> The Elkins Organization Inc.

> elkinsl_at_flash.net

> 214.954.1781

> 

> -----Original Message-----

> Bruce (CALBBAY)

> Sent: Wednesday, July 05, 2000 9:04 PM

> To: Multiple recipients of list ORACLE-L

> 

> 

> Larry,

> 

> An addition to this might be to create a login trigger that checks if the

> user is connecting via an authorised program.

> 

> If the user is not connecting via such a program (eg if connecting via SQL

> Plus) then the trigger could disconnect them.

> 

> I'm not sure but this may be only easily possible under 8i.

> 

> Someone else may be able to help with the code for such a trigger.

> 

> Regards,

> 

> Bruce Reardon

> Analyst / Programmer

> Comalco Aluminium (Bell Bay)

> mailto:bruce.reardon_at_comalco.riotinto.com.au

> 

> 

> -- 

> Author: Larry G. Elkins

>   INET: elkinsl_at_flash.net

> 

> Fat City Network Services    -- (858) 538-5051  FAX: (858) 538-5051

> San Diego, California        -- Public Internet access / Mailing Lists

> --------------------------------------------------------------------

> To REMOVE yourself from this mailing list, send an E-Mail message

> to: ListGuru_at_fatcity.com (note EXACT spelling of 'ListGuru') and in

> the message BODY, include a line containing: UNSUB ORACLE-L

> (or the name of mailing list you want to be removed from).  You may

> also send the HELP command for other information (like subscribing).

> 





Jared Still


Certified Oracle DBA and Part Time Perl Evangelist  ;-)
Regence BlueCross BlueShield of Oregon
Received on Thu Jul 06 2000 - 12:20:14 CDT












Original text of this message













  HOME |
  ASK QUESTION |
  ADD INFO |
  SEARCH |
  E-MAIL US