| Oracle FAQ | Your Portal to the Oracle Knowledge Grid | |
 |
 | |||
| Oracle FAQ | Your Portal to the Oracle Knowledge Grid | |
|
| |||
Home -> Community -> Mailing Lists -> Oracle-L -> Database security
List,
Here in the midst of Sarbanes Oxley, I've been pondering methods that might be used to prevent a system administrator from connecting to any databases running on that box.
I know that it is possible to setup Oracle on Windows so that without a password, you cannot logon to the database as sysdba.
eg. sqlplus "/ as sysdba" will require a password.
The caveat to this is that the SA can simply:
That won't get you SYSDBA, but it will get you DBA, which is probably
enough
for any nefarious activities.
On *nix it is a bit different of course. Anyone with root can simply su to oracle.
I have been perusing Pete Finnigan's "Oracle Security Step-by-Step" but
have
not yet found information pertaining to this particular topic, other than
revoking
privs from the DBA account. That action is not applicable here, as the
team of
DBA's consists of me by myself.
And TIA Mladen, but I already know how it works on unix, and that MS is
the
dark side of the force, but is unfortunately what I have to live with.
Jared
-- Archives are at http://www.freelists.org/archives/oracle-l/ FAQ is at http://www.freelists.org/help/fom-serve/cache/1.html -----------------------------------------------------------------Received on Tue Mar 16 2004 - 16:33:06 CST
 |
 |