Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Usenet -> c.d.o.server -> Re: Securing 'internal' from ROOT

Re: Securing 'internal' from ROOT

From: Piotr Kolodziej <pkol_at_otago.gda.pl>
Date: Thu, 1 Oct 1998 18:51:19 +0200
Message-ID: <6v0bvc$ll0$1@sunrise.pg.gda.pl> 





rwessman_at_us.oracle.com wrote in message ...
[cut]


>Try this: change config.c so that it specifies a group that oracle is not a


>member of. This will prevent the oracle user from connecting without a


>password. Create a password for the internal user using the orapwd utility.


>


>Even if the root user su's as oracle, he will need a password to connect.


[cut]




But even not very clever root can easily prepare his own password file,
then simply rename original password file to another name, put prepared one
in place of the original. And after his connections as sysdba are completed,
root restores original passworfile.


Doesn't it work ?



Piotr Kolodziej


pkol_at_otago.gda.pl

Received on Thu Oct 01 1998 - 11:51:19 CDT












Original text of this message













  HOME |
  ASK QUESTION |
  ADD INFO |
  SEARCH |
  E-MAIL US