Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Mailing Lists -> Oracle-L -> Re: Using TOAD on production databases

Re: Using TOAD on production databases

From: <rstevenson_at_cobblesoft.com>
Date: Mon, 16 Aug 2004 18:02:54 -0500
Message-Id: <200408162302.i7GN2sa10176@smapp01.siteprotect.com>


The production issue is one of the main reasons we developed our freeware tool SchemaSurf (the other requirement being web-based). Although it doesn't claim anywhere near-like the industrial strength that Toad has, it does provide developers with read-only access to production data/models. TOAD is a great tool, but with Sarbanes-Oxley, it's critical that appropriate procedures are in place (so we can all go break them!)

SchemaSurf has been installed in more than 50 countries, and we had numerous folks at OAUG shows etc tell us that they use TOAD for dev/test and SchemaSurf for prod. Made their management very happy .... and DBA's were able to control access via tns/name servers etc. since SchemaSurf doesn't use SQL*Net/Net8.

It's at http://www.cobblesoft.com/schemasurf/ for anyone interested.

Regards,

Richard J Stevenson
CobbleSoft International Ltd.
www.cobblesoft.com
US/Can Toll-Free: 866-380-6716
International: +1 315 548 5810



On Mon, 16 Aug 2004 15:29:28 -0700 (PDT), Raj Jamadagni <rjamya_at_yahoo.com> wrote:

> There are many words in your first statement that are an security auditor's dream. I bet Pete F.
> is using mapquest to find fastest route to your office right now.
>
> So, let me get this straight, ON PRODUCTION database you are worried that developers accessing
> SYS/SYSTEM objects so you will block them. Great. But you don't have a problem if they acces
> production data?? Sarbanes-Oxley ... and I think you work for a BIG financial company right??
>
> Developers shouldn't be connecting to production database without a valid reason ... period. And
> no metter which site writes what, the only way to incorporate security is to use TOAD security.
> RTFM the TOAD stuff, it is all explained there.
>
> BTW don't give me any roles but grant me 'execute any procedure' and give me 2 minutes, I'll
> probably be able to revoke all your roles ... least I'll grant myself DBA role ...
>
> Raj



Please see the official ORACLE-L FAQ: http://www.orafaq.com

To unsubscribe send email to: oracle-l-request_at_freelists.org put 'unsubscribe' in the subject line.
--
Archives are at http://www.freelists.org/archives/oracle-l/
FAQ is at http://www.freelists.org/help/fom-serve/cache/1.html
-----------------------------------------------------------------
Received on Mon Aug 16 2004 - 17:58:32 CDT

Original text of this message

HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US