Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Usenet -> c.d.o.misc -> Re: Tough question for oracle DBAs/Solaris Admins. Log shipping.

Re: Tough question for oracle DBAs/Solaris Admins. Log shipping.

From: Stefaan A Eeckels <hoendech_at_ecc.lu>
Date: Fri, 1 Sep 2006 23:33:06 +0200
Message-ID: <20060901233306.2c143e9e.hoendech@ecc.lu> 





On 1 Sep 2006 12:28:12 -0700


"Karen Hill" <karen_hill22_at_yahoo.com> wrote:



> Immutable files are files where not even root

> can change/delete/move a file set as immutable.




But root can unset the immutable flag. Thus it only serves as
protection against accidental deletions or modifications. This is
slightly useful. Roles are better for that purpose. 



> For the Oracle DBAs, how can you guarentee an audit trail without

> immutable files? 




You cannot guarantee it with immutable files. 



Immutability is _not_ a security feature. It does _not_ solve the
problem that root can change any file. If you cannot trust your root
user, you've got major problems. Trust is a difficult concept for PHBs,
but there is no magic solution. 



Learn to live with it.


-- 
Stefaan A Eeckels
-- 
Tener razón es una razón más para no tener ningún éxito. 
                                        --Nicolás Dávila


Received on Fri Sep 01 2006 - 16:33:06 CDT












Original text of this message













  HOME |
  ASK QUESTION |
  ADD INFO |
  SEARCH |
  E-MAIL US