
RE: audit suggestion

From: William B Ferguson <wbfergus_at_usgs.gov>
Date: Mon, 24 Jan 2005 09:49:29 -0700
Message-ID: <OF71E15E1F.79186BD8-ON07256F93.005BC6EC@usgs.gov>


What could they do to the database with cron that they couldn't already do
with the PL/SQL built-in packages that's malicious?

Access to cron is merely a convenience for administrative-type tasks, like
moving archive logs, etc. If somebody wanted to schedule malicious code to
be run, it would be better to utilize the built-in packages to execute it, so
the SA's or anybody else wouldn't discover it until it was too late.

Your auditors failed to understand Oracle, and the advanced aspects of computers. I'm surprised they didn't apply the same logic to the keyboards, restricting access to those so the DBA's don't run malicious code.



Bill Ferguson
U.S. Geological Survey - Minerals Information Team PO Box 25046, MS-750
Denver, Colorado 80225
Voice (303)236-8747 ext. 321 Fax (303)236-4208

~ Think on a grand scale, start to implement on a small scale ~

-----Original Message-----

From: oracle-l-bounce_at_freelists.org [mailto:oracle-l-bounce_at_freelists.org]
On Behalf Of rjamya_at_gmail.com
Sent: Monday, January 24, 2005 9:24 AM
To: KATHERINE_KAYLOR_at_rsausa.com
Cc: oracle-l_at_freelists.org
Subject: Re: audit suggestion

At some point you have to trust your DBA, if that is not present, you have
bigger problems than cron jobs. Auditors lack humor, so don't tell them I
said so.

So, if DBA's cannot run it, then Unix SA's should run the cron jobs? If so, do you completely trust your SA? BTW, to heck with cronjob, use dbms_job, if you want you can still do the damage using dbms_job.

Raj
--

http://www.freelists.org/webpage/oracle-l
Received on Mon Jan 24 2005 - 11:51:15 CST
