Date: Thu, 18 Feb 2010 07:27:26 -0700
On Wed, Feb 17, 2010 at 10:08 PM, Kellyn Pedersen <kjped1313_at_yahoo.com> wrote:
I've hardened a number of applications vs. what the vendor/developer TOLD me were the requirements. The one that I could not remove grants from public? Esri's Arc SDE, so I'm going to have to put a disclaimer on that one... (darn public grants checked and exited if not found by the front end application....grumble, grumble...:))
Hi Kellyn (and other listers) -
Can this area be expanded on a bit please? I know nothing about ARC SDE other than just a few bits and pieces I've overheard here and there.
My organization is really GIS-oriented and for the most part is TOTALLY database ignorant (not illiterate, but actually ignorant). They consider Word documents and spreadsheets as 'databases'! Anyway, several scientists that have some decent level of input at higher management levels have been talking/proposing bringing in ARC SDE to connect to some of our various 'databases', so they can see the locations visually and conduct their queries and analysis through a GIS interface.
One of the things I've overheard is that ARC SDE pretty much requires it's own server and a dedicated administrator. So, that would be one huge strike against ARC SDE, as we simply don't have any IT folks with the 'free time' to take over this additional duty.
If SDE really does require the public grants, there isn't any way I'd allow that on either of my systems, as then I would constantly be bombarded by the security folks about why I was not in compliance with the mandatory security rules on my databases. So, would it work if I installed an EE database on the ARC SDE server and setup database links and views (all read-only), so only the one database was 'open' (security-wise)? This way all of the 'direct' access would take place in the 'shell' database that doesn't conatin any data, just the links and view definitions to the 'real' databases. If the 'shell' database ever got hacked, then the data couldn't be changed/destroyed, as the account on it would only have SELECT rights. It would probably be easier to get setup for access to other types of 'databases' (as our organization calls them) as well, installing the various gateway drivers, etc. for the various types of 'databases'.
That would be a much more manageable security risk rather than opening up the security on any databases they wanted to access with SDE. I am probably one of the few 'knowledgable' people in my organization about Oracle, and I don't even begin to compare with the breadth of knowledge and experience of most of the other folks on this list, but I keep getting asked these kinds of questions as the Oracle guru within our group, and this is way beyond my knowledge or experience. I'm guessing quite a lot at what may work, but I have nothing to factually base my recommendations on.
Thanks for any and all expansions or further explanations on the above.
- Bill Ferguson