Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Mailing Lists -> Oracle-L -> Re: Using TOAD on production databases

Re: Using TOAD on production databases

From: Raj Jamadagni <rjamya_at_yahoo.com>
Date: Mon, 16 Aug 2004 15:29:28 -0700 (PDT)
Message-ID: <20040816222928.24322.qmail@web50002.mail.yahoo.com>


There are many words in your first statement that are an security auditor's dream. I bet Pete F. is using mapquest to find fastest route to your office right now.

So, let me get this straight, ON PRODUCTION database you are worried that developers accessing SYS/SYSTEM objects so you will block them. Great. But you don't have a problem if they acces production data?? Sarbanes-Oxley ... and I think you work for a BIG financial company right??

Developers shouldn't be connecting to production database without a valid reason ... period. And no metter which site writes what, the only way to incorporate security is to use TOAD security. RTFM the TOAD stuff, it is all explained there.

BTW don't give me any roles but grant me 'execute any procedure' and give me 2 minutes, I'll probably be able to revoke all your roles ... least I'll grant myself DBA role ...

Raj

> Is there any problem with developers using Quest Software's TOAD on
> production databases? Regardless of the functionality in TOAD, a
> developer shouldn't be able to use the DBA functionality in TOAD,
> correct? We grant roles to developers and those roles never include any
> privilesges on SYSTEM or SYS owned objects. What made me ask this
> question is a script on www.orafaq.com that shows a way to prevent
> developers from using TOAD on production databases. Any thoughts are
> appreciated.
>
> Venu Potluri
> Oracle Financials DBA
> --------------------------------------------------------
>
> If you are not an intended recipient of this e-mail, please notify the sender, delete it and do
> not read, act upon, print, disclose, copy, retain or redistribute it. Click here for important
> additional terms relating to this e-mail. http://www.ml.com/email_terms/
> --------------------------------------------------------
>
>
> ----------------------------------------------------------------
> Please see the official ORACLE-L FAQ: http://www.orafaq.com
> ----------------------------------------------------------------
> To unsubscribe send email to: oracle-l-request_at_freelists.org
> put 'unsubscribe' in the subject line.
> --
> Archives are at http://www.freelists.org/archives/oracle-l/
> FAQ is at http://www.freelists.org/help/fom-serve/cache/1.html
> -----------------------------------------------------------------
>



Best Regards
Raj

select mandatory_disclaimer from company_requirements;                 

Do you Yahoo!?
Read only the mail you want - Yahoo! Mail SpamGuard. http://promotions.yahoo.com/new_mail

Please see the official ORACLE-L FAQ: http://www.orafaq.com

To unsubscribe send email to: oracle-l-request_at_freelists.org put 'unsubscribe' in the subject line.
--
Archives are at http://www.freelists.org/archives/oracle-l/
FAQ is at http://www.freelists.org/help/fom-serve/cache/1.html
-----------------------------------------------------------------
Received on Mon Aug 16 2004 - 17:25:49 CDT

Original text of this message

HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US