Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Usenet -> c.d.o.misc -> Re: open source PostgreSQL not supportable? (Was: Challenging SQL Query Problem. Can you solve it?)

Re: open source PostgreSQL not supportable? (Was: Challenging SQL Query Problem. Can you solve it?)

From: DA Morgan <damorgan_at_psoug.org>
Date: Fri, 06 Jan 2006 11:18:37 -0800
Message-ID: <1136575114.278502@jetspin.drizzle.com> 





Justin L. Kennedy wrote:


> In comp.databases.postgresql DA Morgan <damorgan_at_psoug.org> wrote:

> 


>>The laws are intended to make sure that the audit trail prevents system
>>administrators and DBAs from making unaudited changes. So root and all
>>system/DBA passwords plus physical access to the server.




> 

> 

> Once you have root, you pretty much have everything needed to make any 

> unaudited changes you want.  How does Oracle solve this problem?  For 

> example, given root, what is to stop someone from opening up the tables in 

> a hex editor as they appear on the hard disk?




Hans gave you part of the picture. Another is built-in capabilities such
as the DBMS_CRYPTO, DBMS_OBFUSCATION_TOOLKITS, and TRANSPARENT DATA
ENCRYPTION that can make it impossible to use a hex editor on anything.



Also, to make any changes undetectably would require bringing down the
instance and database ... something impossible to do without leaving a
record of the intrusion.



There are many other ways as well. But these are enough to make the point.

-- 
Daniel A. Morgan
http://www.psoug.org
damorgan_at_x.washington.edu
(replace x with u to respond)


Received on Fri Jan 06 2006 - 13:18:37 CST












Original text of this message













  HOME |
  ASK QUESTION |
  ADD INFO |
  SEARCH |
  E-MAIL US