| Oracle FAQ | Your Portal to the Oracle Knowledge Grid | |
 |
 | |||
| Oracle FAQ | Your Portal to the Oracle Knowledge Grid | |
|
| |||
Home -> Community -> Mailing Lists -> Oracle-L -> RE: Security Message
Mark,
It's their responsibility to deal with the client. I should have said for now this was just for sqlplus on the same server as the database.
Thanks Larry
-----Original Message-----
From: oracle-l-bounce_at_freelists.org
[mailto:oracle-l-bounce_at_freelists.org]
Sent: Tuesday, May 16, 2006 11:55 AM
To: oracle-l_at_freelists.org
Subject: FW: Security Message
Larry, there is a potential problem with your idea. Depending on the version of the Oracle client and possibly the connection method in use the v$session.program column may be null. Some versions of the client fail to pass in the program name. Still the database logon event trigger can be useful and is a viable option. Between v$session and sys_context a good deal of information is available for capture and use.
IMHO -- Mark D Powell --
-----Original Message-----
From: oracle-l-bounce_at_freelists.org
[mailto:oracle-l-bounce_at_freelists.org]
Sent: Tuesday, May 16, 2006 12:17 PM
To: lawrence.wolfson_at_acxiom.com; oracle-l_at_freelists.org
Subject: RE: Security Message
Larry,
We have login triggers to track connections to our databases. Works very well.
I wonder why your client is worried about sqlplus rather than any other tool available in the world. Nothing magical about sqlplus - unless they are worried about sysdba (internal) connections.
Tom
-----Original Message-----
From: oracle-l-bounce_at_freelists.org
[mailto:oracle-l-bounce_at_freelists.org] On Behalf Of Wolfson Larry -
lwolfs
Sent: Tuesday, May 16, 2006 11:45 AM
To: oracle-l_at_freelists.org
Subject: Security Message
One of our clients wants to put out a security message, like the one that shows up to a OS user, anytime someone runs sqlplus on a server.
2 years ago we suggested they use the glogin.sql code to provide this. They finally came back and asked us if we could implement it.
Now we're vacillating between that and using a login trigger to
do it.
One advantage of the login trigger is we can identify what programs are
actually being run against the database and from where.
Does anyone have a better suggestion or idea(s)?
TIA Larry ***************************************************************************
If the reader of this message is not the intended recipient, you are hereby notified that any dissemination, distribution or copying of this communication is strictly prohibited.
If you have received this communication in error, please resend this communication to the sender and delete the original message or any copy of it from your computer system.
Thank You.
--
http://www.freelists.org/webpage/oracle-l
--
http://www.freelists.org/webpage/oracle-l
--
http://www.freelists.org/webpage/oracle-l
Received on Tue May 16 2006 - 12:02:59 CDT
 |
 |