Oracle FAQ | Your Portal to the Oracle Knowledge Grid |
Home -> Community -> Usenet -> c.d.o.server -> Re: Password protecting Internal
In article <32EC37D6.6E1F_at_nightmare.com>, oracle says...
>
>R. Wayne Linton wrote:
>>
>> Carl, Christianson wrote:
>> >
>> > I am looking at password protecting the connect internal statement from svrmgrl.
>> > I am running Oracle 7.3 in AIX 4.1.4. How does one go about this?
>>
>> Carl, have a look at the ORAPWD utility. This creates a password file
>> for internal and sys (and other userids as you see fit). You can have
>> one for each instance or you can share this one password file across
>> several instances. You create this file via the ORAPWD utility. In vms
>> you set up an executive level logical for it so the system can find it; I
>> don't know about AIX.
>>
>> Look in your "ORACLE7 Server and Tools Administrator's Guide", chapter 2.
>>
>> --
>> R. Wayne Linton, I.S.P.
>> Database & Systems Management
>> Shell Canada Ltd.
>
>You need to use a sql*net connection for this to work. If the user is
>logged "dba" group and not using TWO_TASK to connect it still will not
>prompt for the internal password even if you use orapwd.
Thanks for the input everyone but let me be a little more specific.
I am not concerned with remote users connecting
via SQL*Net, that avenue is protected.
All that I am concerned about is that if someone can telnet to my server that
they could execute svrmgr and then connect as internal. Is there a way to do
this? Will the Orapwd facility handle this? I didn't think the documentation
in the Administrator's Guide was clear.
thanks
Carl Christianson Received on Mon Jan 27 1997 - 00:00:00 CST