Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Mailing Lists -> Oracle-L -> Re: Oracle 9i and connect as sys

Re: Oracle 9i and connect as sys

From: Tim Gorman <tim_at_sagelogix.com>
Date: Mon, 18 Aug 2003 05:29:23 -0800
Message-ID: <F001.005CB567.20030818052923@fatcity.com> 





CREATE PUBLIC SYNONYM is a permission I'll give away freely, even to a PHB.
It's DROP PUBLIC SYNONYM that really needs some thought...



Installing Oracle in a shop that has never used UNIX or Oracle before is
never cheap, whether I do it or not.  This particular shop was
OpenVMS/Ingres coming into Solaris/Oracle, so the real expense will come
after their current staff is fully retrained and discovers Monster.com...





on 8/17/03 9:19 PM, Mladen Gogala at mgogala_at_adelphia.net wrote:


> 
> On 2003.08.17 23:39, Tim Gorman wrote:




>> Babette,


> 




>> 

>> Just this Friday, I was wrapping up an installation engagement and one of

>> the last things we did was change all the passwords.  Standard practice.

>> Immediately, one of the development managers comes boiling out of his office

>> screaming "Who changed the passwords to SYS and SYSTEM?".  I 'fessed up and

>> asked him why he thought he needed it.  He turned red and snarled that he

>> just needed it and never you mind, turned on his heel and went in the CIO's

>> office, then came boiling back with approval.  We turned it over, and within

>> 5 minutes I logged back onto the system and saw SQL*Plus running with the

>> SYS/SYSTEM password visible to anyone and everyone who can run the UNIX "ps"

>> command.  I looked at the scripts he was running, noticed that all he wanted

>> SYS/SYSTEM for was to create PUBLIC SYNONYMs.  I left to catch my plane...


> 
> I have a myriad of similar war stories. The best reaction is to collect them
> and share with this email list. The company name should, of course, be kept
> confidential, but we all know the PHB type of manager. Of course, having a
> manager create public synonyms on your database is, in itslef, a recipy for
> disaster. Next time something goes wrong, they'll have to buy you a 1st class
> ticket to your plane. I don't imagine that having Tim Gorman himself install
> your database comes in cheap....
> 




-- 
Please see the official ORACLE-L FAQ: http://www.orafaq.net
-- 
Author: Tim Gorman
  INET: tim_at_sagelogix.com

Fat City Network Services    -- 858-538-5051 http://www.fatcity.com
San Diego, California        -- Mailing list and web hosting services
---------------------------------------------------------------------
To REMOVE yourself from this mailing list, send an E-Mail message
to: ListGuru_at_fatcity.com (note EXACT spelling of 'ListGuru') and in
the message BODY, include a line containing: UNSUB ORACLE-L
(or the name of mailing list you want to be removed from).  You may
also send the HELP command for other information (like subscribing).


Received on Mon Aug 18 2003 - 08:29:23 CDT












Original text of this message













  HOME |
  ASK QUESTION |
  ADD INFO |
  SEARCH |
  E-MAIL US