Re: Listener Vulnerabilities - how to address them

From: ~Jeff~ <jifjif_at_gmail.com>
Date: Thu, 10 Apr 2008 17:24:23 +1200
Message-ID: <363634910804092224y1c13dbcag9b51961609178e03@mail.gmail.com>


2008/4/10 Tony Sequeira <tony_at_sequeira.org.uk>: [snip]
> Good point, but I believe the recommendation is that the password should
> be encrypted in listener.ora file.

Yes, but curiously, the hashed password in the listener.ora also needs to be protected. Otherwise the hash can be read, without cracking it, to admin the listener - this is the way my wrapper script works in 8-9i !!

Setting the listener.ora to be 600 privs and oracle owned works ... except where you have Oracle Apps and the listener is started by applmgr (or similar).

We have this rolled out to all our pre-10g environments (hundreds) - took ages :P

cheers-
Jeff
EDS NZ.

--
http://www.freelists.org/webpage/oracle-l
Received on Thu Apr 10 2008 - 00:24:23 CDT
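
Added example, not part of the original message: a POSIX shell check for the protection described above, that listener.ora is readable only by its owner and owned by the expected account. The function name, the owner argument and the assumption that the stored hash sits in a PASSWORDS_<listener> parameter are the example's own.

```shell
#!/bin/sh
# Added example (not from the original post): audit listener.ora protection.
# Assumption: the listener password hash is stored in a PASSWORDS_<listener>
# parameter, and the expected owner is supplied by the caller.

# audit_listener_ora FILE EXPECTED_OWNER
# Prints findings; returns 0 if compliant, 1 if not, 2 if FILE is unusable.
audit_listener_ora() {
    file=$1
    want_owner=$2
    rc=0

    [ -f "$file" ] || { echo "ERROR: $file is not a regular file"; return 2; }

    # POSIX 'ls -ld': field 1 is the mode string, field 3 is the owner.
    ls_out=$(ls -ld "$file") || return 2
    mode=$(printf '%s\n' "$ls_out" | awk '{print $1}')
    owner=$(printf '%s\n' "$ls_out" | awk '{print $3}')

    # Characters 5-10 of the mode string are the group and other bits.
    go_bits=$(printf '%s\n' "$mode" | cut -c5-10)

    # Does the file carry a stored listener password hash?
    if grep -Eiq '^[[:space:]]*PASSWORDS_[A-Za-z0-9_]+[[:space:]]*=' "$file"; then
        has_hash=yes
    else
        has_hash=no
    fi

    if [ "$go_bits" != "------" ]; then
        echo "FAIL: $file mode $mode grants group/other access (hash present: $has_hash)"
        rc=1
    fi
    if [ "$owner" != "$want_owner" ]; then
        echo "FAIL: $file owned by $owner, expected $want_owner"
        rc=1
    fi
    if [ "$rc" -eq 0 ]; then
        echo "OK: $file is $mode, owned by $owner (hash present: $has_hash)"
    fi
    return "$rc"
}

# Stand-alone use: sh audit.sh /path/to/listener.ora [owner]
if [ "$#" -ge 1 ]; then
    audit_listener_ora "$1" "${2:-oracle}"
fi
```

Where the listener is started by applmgr or a similar account, as in the Oracle Apps case mentioned above, pass that account as the expected owner.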
