Re: Privileges by session
From: Yechiel Adar <adar666_at_inter.net.il>
Date: Tue, 12 Jan 2010 19:40:01 +0200
Message-id: <4B4CB3F1.4020200_at_inter.net.il>
Sure, but:
1) How many are worth employment? :-)
2) Adding check on the source, that should be production servers that the developers has no access to, will help.
Date: Tue, 12 Jan 2010 19:40:01 +0200
Message-id: <4B4CB3F1.4020200_at_inter.net.il>
Sure, but:
1) How many are worth employment? :-)
2) Adding check on the source, that should be production servers that the developers has no access to, will help.
Adar Yechiel
Rechovot, Israel
Jared Still wrote:
> On Tue, Jan 12, 2010 at 4:54 AM, Yechiel Adar <adar666_at_inter.net.il
> <mailto:adar666_at_inter.net.il>> wrote:
>
>
> 2) Put in a login trigger that will fail all logon with the
> application user but with other programs like SQLPLUS or TOAD.
>
>
> Any developer worth employing can circumvent a trigger that checks
> executable names.
>
>
> Jared Still
> Certifiable Oracle DBA and Part Time Perl Evangelist
> Oracle Blog: http://jkstill.blogspot.com
> Home Page: http://jaredstill.com
-- http://www.freelists.org/webpage/oracle-lReceived on Tue Jan 12 2010 - 11:40:01 CST