Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Mailing Lists -> Oracle-L -> RE: Difference in SYS user and A user with dba previleges.

RE: Difference in SYS user and A user with dba previleges.

From: Mandal, Ashoke <ashoke.k.mandal_at_medtronic.com>
Date: Mon, 9 Oct 2006 12:13:32 -0500
Message-ID: <F184F089F3A34E428AA57BB0D43626ED75E8F4@MSPM1BMSGM04.ent.core.medtronic.com>


We were also asked by security audit team to use individual userid with DBA privilege for database administration so that you know who has done the changes in the database. But my feeling is that you can't track any changes without any auditing on.  

Thanks,
Ashoke


From: oracle-l-bounce_at_freelists.org
[mailto:oracle-l-bounce_at_freelists.org] On Behalf Of Niall Litchfield Sent: Monday, October 09, 2006 9:21 AM
To: sjaffarhussain_at_gmail.com
Cc: Oracle-L_at_Freelists. Org (E-mail)
Subject: Re: Difference in SYS user and A user with dba previleges.

I'd agree with your security people that you  

  1. change default passwords and
  2. don't use sys for admin tasks.

I'm not sure that I'd be convinced by the argument that system shouldn't be used, but that an identically privileged account should be setup instead.  

On 10/9/06, Syed Jaffar Hussain <sjaffarhussain_at_gmail.com> wrote:

        Hi List,         

        I am working in an organization where security people asked us not

	keep the sys and system user passwords, rather create an dba 
	authenticated user with dba prvileges.
	I know that the user with just dba privileges, can't shutdown
and
	startup the database.
	However, I believe, on server, we can use 'connect / as sysdba'
and do
	startup and shutdown. 
	Is there anything significant difference between the sys user
and a
	user with dba premission? I mean, dba administration point view.
	
	Thanks for your time.
	

--
Best Regards, Syed Jaffar Hussain 8i,9i & 10g OCP DBA I blog at :http://jaffardba.blogspot.com/

http://www.oracle.com/technology/community/oracle_ace/ace1.html#hussain         



	"Winners don't do different things. They do things differently."

--
http://www.freelists.org/webpage/oracle-l
-- 
Niall Litchfield
Oracle DBA
http://www.orawin.info 

--
http://www.freelists.org/webpage/oracle-l
Received on Mon Oct 09 2006 - 12:13:32 CDT

Original text of this message

HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US