Re: oracle binaries and datafiles
Date: Mon, 2 Apr 2018 17:40:57 +0000
Message-ID: <HE1PR1001MB1243441E63211D7006ABE65085A60_at_HE1PR1001MB1243.EURPRD10.PROD.OUTLOOK.COM>
Using the ASM Filter driver can help protect against most casual admin accidents, like dd-ing you device into oblivion, or runaway “cleanup” scripts - but nothing can stop a determined admin who has an experience bucket not yet full, and a leaky luck bucket.
Neil.
sent from my phone
> On 2 Apr 2018, at 16:50, Mark W. Farnham <mwf_at_rsiz.com> wrote:
>
> Point well taken.
>
> There is some value, but not real security, in forcing a sysadmin off her meds (or simply incompletely trained) to destroy a whole mount point in that you might at least force some conscious thought and evade trivial cleanup shell scripts.
>
> A determined agent with the requisite authority can destroy pretty much anything.
>
> mwf
>
> -----Original Message-----
> From: oracle-l-bounce_at_freelists.org [mailto:oracle-l-bounce_at_freelists.org] On Behalf Of Mladen Gogala
> Sent: Sunday, April 01, 2018 12:24 AM
> To: oracle-l_at_freelists.org
> Subject: Re: oracle binaries and datafiles
>
> The concept you described below is known as "security by obscurity". I am not a great believer.
>
>
>> On 03/28/2018 04:13 PM, Justin Mungal wrote: >> Tim mentioned ASM... there are many benefits to it that are mentioned >> in the documentation, but it also adds protection to your database >> from non-Oracle people. A system admin wanting to free up filesystem >> space can't delete redo1.log if it's stored somewhere he doesn't know >> how to access. >>
>
> --
> Mladen Gogala
> Database Consultant
> Tel: (347) 321-1217
>
> --
> http://www.freelists.org/webpage/oracle-l
>
>
> --
> http://www.freelists.org/webpage/oracle-l
>
>
i0zX+n{+i^ Received on Mon Apr 02 2018 - 19:40:57 CEST