| Oracle FAQ | Your Portal to the Oracle Knowledge Grid | |
 |
 | |||
| Oracle FAQ | Your Portal to the Oracle Knowledge Grid | |
|
| |||
Home -> Community -> Mailing Lists -> Oracle-L -> RE: Stop using SYS, SYSTEM?
I agree 100% with Dick. Nobody should be using SYS or SYSTEM. If RMAN
requires a SYS connection, then so be it.
Tom Mercadante
Oracle Certified Professional
-----Original Message-----
Sent: Wednesday, November 12, 2003 3:45 PM
To: Multiple recipients of list ORACLE-L
Personal Opinion here: I don't use SYS or system for anything where it is not absolutely required. All of the DBA's have the DBA role granted to them & we log on as ourselves. This is simply so that we don't accidentally step on something really important. In general one should never create anything in the SYS schema since it won't get exported when you do a full database export. System is a little safer, but still.. I have seen a couple of "white papers" that have made statements such as "SYS and SYSTEM should be locked and never opened" as well as other similar alarming (to the pointy headed non-technical types) statements that indicate that disaster is waiting in the wings. All of them can be summarily dismissed as having been written by those who are similarly non-technical. BTW: Even if you are auditing, a DBA can eliminate the records in V$Audit of they wish.
Dick Goulet
Senior Oracle DBA
Oracle Certified 8i DBA
-----Original Message-----
Sent: Wednesday, November 12, 2003 3:05 PM
To: Multiple recipients of list ORACLE-L
We are being asked by Auditing to stop using the SYS, and SYSTEM accounts. They would like for us to create an Oracle Role with the same permissions a SYS and SYSTEM, then grant the role to each of the DBA's. Don't ask me why. Nothing is being audited in 99% of the databases. They just say it in a paper some where so they said we shouldn't use it. This seems like it would cause lots of problems with exports, imports, installs, etc... Has anyone had to deal with this type of request? Any potential problems with making the change?
Thanks!
Ron Smith
--
Please see the official ORACLE-L FAQ: http://www.orafaq.net
--
Author: Smith, Ron L.
INET: rlsmith_at_kmg.com
Fat City Network Services -- 858-538-5051 http://www.fatcity.com San Diego, California -- Mailing list and web hosting services ---------------------------------------------------------------------To REMOVE yourself from this mailing list, send an E-Mail message to: ListGuru_at_fatcity.com (note EXACT spelling of 'ListGuru') and in the message BODY, include a line containing: UNSUB ORACLE-L (or the name of mailing list you want to be removed from). You may also send the HELP command for other information (like subscribing).
Fat City Network Services -- 858-538-5051 http://www.fatcity.com San Diego, California -- Mailing list and web hosting services ---------------------------------------------------------------------To REMOVE yourself from this mailing list, send an E-Mail message to: ListGuru_at_fatcity.com (note EXACT spelling of 'ListGuru') and in the message BODY, include a line containing: UNSUB ORACLE-L (or the name of mailing list you want to be removed from). You may also send the HELP command for other information (like subscribing).
Fat City Network Services -- 858-538-5051 http://www.fatcity.com San Diego, California -- Mailing list and web hosting services ---------------------------------------------------------------------To REMOVE yourself from this mailing list, send an E-Mail message to: ListGuru_at_fatcity.com (note EXACT spelling of 'ListGuru') and in the message BODY, include a line containing: UNSUB ORACLE-L (or the name of mailing list you want to be removed from). You may also send the HELP command for other information (like subscribing). Received on Wed Nov 12 2003 - 14:49:25 CST
 |
 |