| Oracle FAQ | Your Portal to the Oracle Knowledge Grid | |
 |
 | |||
| Oracle FAQ | Your Portal to the Oracle Knowledge Grid | |
|
| |||
Home -> Community -> Usenet -> c.d.o.server -> Re: Password protecting Internal
Carl, Christianson wrote:
>
> Thanks for the input everyone but let me be a little more specific.
> I am not concerned with remote users connecting
> via SQL*Net, that avenue is protected.
> All that I am concerned about is that if someone can telnet to my server that
> they could execute svrmgr and then connect as internal. Is there a way to do
> this? Will the Orapwd facility handle this? I didn't think the documentation
> in the Administrator's Guide was clear.
> thanks
>
> Carl Christianson
No this is not a problem unless the user is in the "dba" group. If you are worried about the other users on a system connecting internal you need to control it this way. Just make that the users are not in the "dba" group and they will not be able to connect internal. The only other way around this that I can think of is to remove the bequeath adapter out of the ntcontab and link it back into the kernel.
As you can see it is far easier to just leave users you do not want to connect internal out of the "dba" group.
You still want to use orapwd to control user comming in via sql*net though as they get authorized on client side. This type of access is what you need to worry about, not users telneting in. Received on Tue Jan 28 1997 - 00:00:00 CST
 |
 |