Oracle FAQ | Your Portal to the Oracle Knowledge Grid |
Home -> Community -> Usenet -> c.d.o.misc -> Re: need help to secure production DB from ODBC access
Ellie,
We had the same problem, our solution was to apply encryption on the server and application side for the password. ie
password=foobar
encrypted=ofbora
The application would take the password 'foobar' and change it to connect. The DBA's on the serverside would run our password encryption scheme to get a valid password for 'ALTER USER ...'.
IF the user tried with SQL*Plus or ODBCTest, they have difficulty connecting and can be easily audited.
Chris.
Ellie Fillmore wrote:
>
> We have our Oracle 7.3 database on an HP-UX box and is being accessed
> through a canned front-end that requires each oracle user
> select,insert,update,delete authority to each table. The front-end is a
> project management tool that also interfaces with Microsoft project. How
> can we limit people from coming in thru ODBC to change the data and force
> them to come in thru the front-end??
>
> Any ideas would be appreciated!
>
> efillmore_at_earthlink.net
Received on Wed Feb 24 1999 - 17:41:04 CST