DBA leaving sql*plus unattended: security risk?

From: Rene Nyffenegger <rene.nyffenegger_at_audatex.KEINESPAM.ch>
Date: Thu, 15 Mar 2001 20:40:52 +0100
Message-ID: <98r66o$odq$1@news1.sunrise.ch>

Hi everyone

I was wondering if it is a security risk if a dba (or someone else with dba rights) leaves the sql*plus console unattended for a short while. I am not refering to immediate risk but such that can be exploitet much later. Specifically, what comes to my mind is: creating a procedure/function that, when invoked, gives the invoker dba rights (like a setuid program under unix).

Are there such risks or not?

TIA
Rene Received on Thu Mar 15 2001 - 13:40:52 CST

This message: [ Message body ]
Next message: Daniel A. Morgan: "Re: DBA leaving sql*plus unattended: security risk?"
Previous message: Daniel A. Morgan: "Re: A non-relational prob"
Next in thread: Frank: "Create a new user"
Reply: Frank: "Create a new user"
Reply: Daniel A. Morgan: "Re: DBA leaving sql*plus unattended: security risk?"
Reply: Rick Wessman: "Re: DBA leaving sql*plus unattended: security risk?"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ]

Original text of this message

HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US