DBA Privileges and Developers

Hello all,  

Aahh, the age old war, granting DBA privileges... I am in it again up to my eyeballs. Instead of standing there and saying NO, NO, NO, I took the time to pull apart the DBA role and document in detail what a majority of the roles and system privileges allow a database user to do within the database and how some of these privileges are a direct violation of Sarbanes-Oxley. This document is not perfect, but it's enough to make management stop and say, Wait, we can't allow DBA privileges to be granted to individuals outside of an administrative role. I had the document blessed by our security officer.  

I am willing to share this document with anyone who may find this kind of information useful. If you'd like a copy, please email me directly.  

I finally have posting privilege on the list now. I'd like to say THANK YOU to everyone, some of whose names I recognize from years ago, for continued lively discussion and thought provoking Q&A. I am so thrilled to be a dba working on Solaris again, to have a REAL system that I can use to test out some of the ideas being discussed by some of the brightest people I've had the privilege to, well, kind of "know".  

Have a great day everyone!  

Lisa Koivu

Oracle Database Administrator

desk: 407-903-4691

cell: 954-683-4459  

This electronic message transmission contains information from the Company that may be proprietary, confidential and/or privileged. The information is intended only for the use of the individual(s) or entity named above. If you are not the intended recipient, be aware that any disclosure, copying or distribution or use of the contents of this information is prohibited. If you have received this electronic transmission in error, please notify the sender immediately by replying to the address listed in the "From:" field.

--
http://www.freelists.org/webpage/oracle-l