Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Usenet -> c.d.o.server -> Re: Securing 'internal' from ROOT

Re: Securing 'internal' from ROOT

From: Piotr Kolodziej <pkol_at_otago.gda.pl>
Date: Thu, 1 Oct 1998 19:15:32 +0200
Message-ID: <6v0dcp$ofk$1@sunrise.pg.gda.pl> 





LANGE Francois wrote in message <01bded27$d25d9de0$48d69ac2_at_fran-ois>...


>Hi,


> 


>> It occurs to me that the company has a problem of a non technical nature


>- legal


>That is not the answer to the question.





From one point of view it is the answer.
On unix there's no way to protect Oracle database from root's
unwanted access as internal or sysdba (in fact as any Oracle user).
Neither with passwordfile nor with changing $ORACLE_HOME/rdbms/audit/
directory permissions.


A person with root privileges and with a pint of knowledge and 
motivation can easily discover the reason of ora-9925 and change
permisions from 0555 to 0775 for a moment required for connection.



So you had better trust your root...



Piotr Kolodziej


pkol_at_otago.gda.pl

Received on Thu Oct 01 1998 - 12:15:32 CDT












Original text of this message













  HOME |
  ASK QUESTION |
  ADD INFO |
  SEARCH |
  E-MAIL US