Re: SQLNET.AUTHENTICATION_SERVICES = (NONE) results in ERROR: ORA-01031: insufficient privileges

From: sundar mahadevan <sundarmahadevan82_at_gmail.com>
Date: Tue, 22 Sep 2009 13:49:20 -0400
Message-ID: <7d81ec570909221049i3db10cbbn7664e163757d3f8d_at_mail.gmail.com>



I just tested a scenario with respect to this. I already have a user named "oracle" under which all the installations had been done. I deleted sqlnet.ora which contained SQLNET.AUTHENTICATION_SERVICES = (NONE). user "oracle" belonged to groups oinstall and dba. After the deletion of sqlnet.ora , / as sysdba connects. I then created a new user "orauser" . "orauser" did not belong to any group. When I tried to connect / as sysdba with "orauser" I get ORA-01031: insufficient privileges. Then when i added "orauser" to dba group, I was able to connect with / as sysdba. I changed "orauser" group from dba to oinstall and connect with / as sysdba did not work. So any user belonging to group dba, can connect with / as sysdba while others cannot. My intention in using SQLNET.AUTHENTICATION_SERVICES = (NONE) was to be more secure. But from the answers I received, it looks like most production severs do not run with SQLNET.AUTHENTICATION_SERVICES = (NONE). My decision now is to remove SQLNET.ora . My question now is "Am I doing the right thing. Is my database secure without SQLNET.AUTHENTICATION_SERVICES = (NONE)" ? Thanks for your help.
--
http://www.freelists.org/webpage/oracle-l
Received on Tue Sep 22 2009 - 12:49:20 CDT

Original text of this message