Oracle FAQ | Your Portal to the Oracle Knowledge Grid |
Home -> Community -> Usenet -> c.d.o.misc -> Re: Calculated passwords ?
Daniel Morgan wrote:
> I don't say this to be insulting but it is readily apparent that your
> understanding of Oracle security is minimal.
I don't find it insulting. I am app developer and see oracle as a tool to store data and execute queries as i would see notepad.exe as a tool to edit texts :-)
> If Oracle's standard security is
> sufficient for NSA, FBI, CIA, NYSE, and almost every bank on the planet I am
> quite sure it will somehow manage to make it past your requirements
Well, i think their requirements are different from mine. Not that i could prove it, but i expect them to have things like admins to set up and maintain their oras ;-)
I on the other hand usually have a personal oracle or little server sitting on some NT box at the customer.
Saying that, i guess login security isn't THAT relevant in an scenario where the user can directly reach the database files ... hmm..
> Instead of spending your time with bubblegum and rubberbands spend the same
> time learning that which already exists.
Well, the security boost would probably be worth about 8 hours of learning. Any recommended good reading?
> When you understand roles, profiles, password verify functions, invited_nodes,
> excluded_nodes, AFTER LOGON triggers, and the rest of what is available you
> still think you have a security problem please let us know.
Ah thanks, i will read a bit of these keywords to check which of these are suitable to prevent a user with a valid user,role, on a valid PC, and knowning the password from last login from logging in again.
-- Andreas To boldly go where no sane person has gone beforeReceived on Thu Aug 15 2002 - 11:47:59 CDT