Oracle FAQ Your Portal to the Oracle Knowledge Grid

Re: Calculated passwords ?

From: Daniel Morgan <dmorgan_at_exesolutions.com>
Date: Thu, 15 Aug 2002 18:09:44 GMT
Message-ID: <3D5BEE63.5D4ED75@exesolutions.com>


TurkBear wrote:

> If they are still a valid user, why stop them from logging in again?
>
> Andreas Koch <mail_at_kochandreas.com> wrote:
>
> >Daniel Morgan wrote:
> >
> >> I don't say this to be insulting but it is readily apparent that your
> >> understanding of Oracle security is minimal.
> >
> >I don't find it insulting. I am an app developer and see Oracle as a tool
> >to store data and execute queries as I would see notepad.exe as a tool
> >to edit texts :-)
> >
> >> If Oracle's standard security is
> >> sufficient for NSA, FBI, CIA, NYSE, and almost every bank on the planet I am
> >> quite sure it will somehow manage to make it past your requirements
> >
> >Well, I think their requirements are different from mine. Not that I
> >could prove it, but I expect them to have things like admins to set up
> >and maintain their oras ;-)
> >
> >I on the other hand usually have a personal Oracle or little server
> >sitting on some NT box at the customer.
> >
> >Saying that, I guess login security isn't THAT relevant in a scenario
> >where the user can directly reach the database files ... hmm..
> >
> >> Instead of spending your time with bubblegum and rubberbands spend the same
> >> time learning that which already exists.
> >
> >Well, the security boost would probably be worth about 8 hours of
> >learning. Any recommended good reading?
> >
> >> When you understand roles, profiles, password verify functions, invited_nodes,
> >> excluded_nodes, AFTER LOGON triggers, and the rest of what is available, if you
> >> still think you have a security problem please let us know.
> >
> >Ah thanks, I will read a bit of these keywords to check which of these
> >are suitable to prevent a user with a valid user, role, on a valid PC,
> >and knowing the password from last login from logging in again.
>

I can think of a lot of reasons to do so. One obvious one is a user whose access is supposed to be through a form in Oracle Financials or SAP or Siebel who gets their hands on MS Access and an ODBC driver.

But locking them out when they change tools is trivial so I'm not sure why all the fuss. It should be a standard feature in the security model of any important database application.

Daniel Morgan

Received on Thu Aug 15 2002 - 13:09:44 CDT
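
An added illustration, not part of the original post or any poster's code: one way an AFTER LOGON trigger (one of the features named in the thread) can refuse a session when an application account connects from a client program that is not on an allow-list. The table name, trigger name, account name and program pattern are hypothetical, and the trigger owner is assumed to hold a direct `SELECT` grant on `SYS.V_$SESSION`.

```sql
-- Hypothetical allow-list: client programs each application account may use.
CREATE TABLE sec_allowed_programs (
  username        VARCHAR2(128) NOT NULL,
  program_pattern VARCHAR2(64)  NOT NULL,  -- LIKE pattern, stored in upper case
  CONSTRAINT sec_allowed_programs_pk PRIMARY KEY (username, program_pattern)
);

-- Constructed sample row: APPUSER1 may connect only from the FINAPP client.
INSERT INTO sec_allowed_programs VALUES ('APPUSER1', 'FINAPP%');
COMMIT;

CREATE OR REPLACE TRIGGER trg_restrict_client_tool
AFTER LOGON ON DATABASE
DECLARE
  v_user    VARCHAR2(128) := SYS_CONTEXT('USERENV', 'SESSION_USER');
  v_program v$session.program%TYPE;
  v_rules   PLS_INTEGER;  -- allow-list rows that exist for this account
  v_matches PLS_INTEGER;  -- rows whose pattern matches the client program
BEGIN
  -- Program name reported by the connecting client for this session.
  SELECT UPPER(NVL(program, '?'))
    INTO v_program
    FROM v$session
   WHERE sid = SYS_CONTEXT('USERENV', 'SID');

  SELECT COUNT(*),
         COUNT(CASE WHEN v_program LIKE program_pattern THEN 1 END)
    INTO v_rules, v_matches
    FROM sec_allowed_programs
   WHERE username = v_user;

  -- Accounts without allow-list rows are left alone, so DBA and batch
  -- accounts are not locked out by accident.
  IF v_rules > 0 AND v_matches = 0 THEN
    RAISE_APPLICATION_ERROR(-20001,
      'Client program not permitted for this account');
  END IF;
END;
/
```

The program name is whatever the client reports, so treat this as a guardrail alongside roles and least-privilege grants rather than as authentication. Accounts holding the `ADMINISTER DATABASE TRIGGER` privilege can still log in when a logon trigger raises an error.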
