Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Usenet -> c.d.o.server -> passwords

passwords

From: Michael Reeves <mreeves_at_yourcall.com>
Date: Thu, 24 Sep 1998 16:23:20 -0500
Message-ID: <6ued5e$jjb@news9.noc.netcom.net> 





I just had a question answered about changing the internal password on a
database. We are using Oracle 8.0.5 on an NT box. To change the internal
password, we simply renamed the current password file and created a new
password file that reflects the new internal password. This then gives us
internal control of the database with the new password.



This brings up my next question, what is to prevent someone (with some
knowledge of Oracle) that should not have access to the database, from
deleting the password file, creating a new password file, and then getting
internal control of the database.



From a security viewpoint, how do you safeguard against this. Is it simply
an operating system security control, or does oracle have some way to secure
against this method of gaining access to the database?



Thanks for any comments


Michael


Received on Thu Sep 24 1998 - 16:23:20 CDT












Original text of this message













  HOME |
  ASK QUESTION |
  ADD INFO |
  SEARCH |
  E-MAIL US