Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Usenet -> c.d.o.server -> help : plugging a security hole

help : plugging a security hole

From: Robbie <rob_at_dsdelft.nl>
Date: 1997/10/07
Message-ID: <01bcd367$5b456ce0$LocalHost@127.0.0.1>#1/1

We are using os-authenticated logins (OPS$) on several 7.3 databases on about 10 HPUX systems. The people who use the applications login using UNIX-terminals.
Soon Win95 machines using sql*net will be plugged in to the netwerk accessing the databases. I know this is insecure but my task is to make this as save as possible. Removing all the OPS$ accounts is not an option.

I am using protocol.ora to prevent 'unkown' machines to login, so my only problem is people using a different name on W95 and accessing the database with a slash.

Can I put a on-insert trigger on a datadictionary table like v$session to trigger an event ?
Using a parameter-table : [ (IP-adress),(os-user),(application) ] decide to allow acces or immediatle killing the session. An Oracle support person says that this is not possible because the trigger is an DDL statement on the dictionary table this is not supported and failure of the trigger will prevent all connects to fail.

All comments are welcome

Thanks Robbie. Received on Tue Oct 07 1997 - 00:00:00 CDT

Original text of this message

HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US