
Re: SYS/SYSTEM account security - newbie Q

From: Sybrand Bakker <postbus_at_sybrandb.demon.nl>
Date: Fri, 08 Jan 1999 21:15:28 +0100
Message-ID: <3696675F.D44A70E@sybrandb.demon.nl>


Responses embedded

cbeyer_at_my-dejanews.com wrote:

> I am an auditor -- not a techie. Based upon my research I recommended to
> better secure the SYS/SYSTEM accounts (e.g. turn over password to IPO and
> activate only when needed) in order to prevent intentional or UNintentional
> changes to the database. Auditee responded that:
>
> To shutdown, DBAs connect through Oracle's Server Manager (which connects as
> SYS.) Server Mgr is avail to all in DBA group in any DBA (through SM) can do
> same things as if connected as SYS/SYSTEM.

This is not the complete story. Anyone (assuming auditee is running Unix) in the unix dba group can use the internal pseudo account to connect. They also won't need to specify a password as they are in the dba group. The internal account is going to be obsolete soon. In order to shutdown the database and maintain the physical database you need to have SYSDBA privilege. By default the internal account and the SYS account are the only accounts with SYSDBA privilege. In order to make the system more secure at least one account with sysdba privilege should be set up. Access to sys and system should be avoided as much as possible.

> DBAs use SYS/SYSTEM to view X$ tables. CAN'T THEY ALSO DO AS DBA?

Yes of course. In version 7 databases anyone with select any table privilege
can

> Are we correct in assuming the more secure the SYS/SYSTEM accounts the less
> risk there is to the database?

Yes

> Are there any reasons why these accounts
> shouldn't be secured (e.g. give out password only when needed)?

No, except laziness (sorry! The real reason of course is that Oracle security is getting a little bit complex and they want to avoid having to find out what the exact possibilities are. Grant all developers dba privilege and they won't complain anymore. Of course security will be compromised as all developers can destroy the database (they still won't be able to shut it down though). I've seen that many times.)

> Are there
> other BETTER ways to reach the same end goal (e.g. accountability for
> actions, limit opportunities to do intentional or unintentional damage to
> database)?

See my remarks about creating a user with sysdba privilege.

>
>
> Any assistance would be greatly appreciated!! Thanks!
>

Hth,

Sybrand Bakker, Oracle DBA

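The recommendation in the reply (set up a named account that holds SYSDBA, stop sharing SYS/SYSTEM, and keep accountability for individual actions) as a worked Oracle SQL script. This is an added example, not part of the post or of any Oracle documentation. The account name OPS_DBA, the tablespace names and the passwords are placeholders; it assumes an Oracle 8 dictionary (the ACCOUNT LOCK clause does not exist in version 7), that the instance uses a password file (REMOTE_LOGIN_PASSWORDFILE=EXCLUSIVE in init.ora, which is what lets SYSDBA be granted to a named user) and that AUDIT_TRAIL is set so audit records are actually written.

```sql
-- Added example, not from the post. Names and passwords are placeholders.
-- Run while connected as SYSDBA (e.g. CONNECT INTERNAL in Server Manager)
-- once, to move day-to-day administration off the shared SYS/SYSTEM logins.

-- 1. Who can currently start/stop the database? By default only SYS (and the
--    INTERNAL pseudo account) appear here with SYSDBA = TRUE.
SELECT username, sysdba, sysoper FROM v$pwfile_users;

-- 2. Who holds the all-powerful DBA role? This is where "grant all
--    developers dba" shows up; every row here can destroy the database.
SELECT grantee FROM dba_role_privs WHERE granted_role = 'DBA';

-- 3. Create a personal administrative account and give it SYSDBA so that
--    shutdown/startup happen under an individual identity rather than SYS.
--    (Assumed name OPS_DBA; replace the password before use.)
CREATE USER ops_dba IDENTIFIED BY "change_me_placeholder"
  DEFAULT TABLESPACE users
  TEMPORARY TABLESPACE temp;
GRANT CREATE SESSION, DBA TO ops_dba;
GRANT SYSDBA TO ops_dba;   -- requires REMOTE_LOGIN_PASSWORDFILE=EXCLUSIVE

-- 4. Confirm the grant was recorded in the password file.
SELECT username, sysdba FROM v$pwfile_users WHERE username = 'OPS_DBA';

-- 5. Record privileged activity against individual accounts:
--    logins, user administration, and any GRANT of system privileges/roles.
AUDIT SESSION;
AUDIT USER;
AUDIT SYSTEM GRANT;

-- 6. Once OPS_DBA has been verified (e.g. CONNECT ops_dba/... AS SYSDBA in
--    Server Manager), change the SYSTEM password, escrow it, and lock the
--    account so it is only reopened when genuinely needed. SYS itself cannot
--    be locked; its new password is escrowed the same way.
ALTER USER system IDENTIFIED BY "new_escrowed_placeholder" ACCOUNT LOCK;
ALTER USER sys IDENTIFIED BY "sys_escrowed_placeholder";

-- 7. Verify the end state: SYSTEM locked, OPS_DBA open.
SELECT username, account_status
  FROM dba_users
 WHERE username IN ('SYS', 'SYSTEM', 'OPS_DBA');
```

Locking SYSTEM does nothing for the Unix path the reply describes: anyone in the dba OS group can still CONNECT INTERNAL without a password, so membership of that group has to be reviewed with the same rigour as the list returned by the first two queries. The audit options in step 5 only produce records if AUDIT_TRAIL is enabled in init.ora; without it the statements succeed but nothing is written.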


Received on Fri Jan 08 1999 - 14:15:28 CST

