Oracle FAQ | Your Portal to the Oracle Knowledge Grid |
Home -> Community -> Usenet -> c.d.o.server -> remote_os_authen and security
Our application builders uses the / to let users login into the database.
They also set the parameter TWO_TASK. Inorder to use TWO_TASK you
have to set remote_os_authen in the init.ora to yes.
The result is, from any other host a user can login without a password.
On a windows 95 pc you can set in your registry a username wich is
know
to Oracle, and you don't have to use a password.
When the users are working from the Unix platform I don't have a problem
with
it, because the HAVE to login in Unix.
If I set remote_os_authen to no then the TWO_TASK is not accepted.
How can I solve this security issue?
Thanks,
Ton Raaijmakers
Gemeente Dordrecht
Received on Tue Feb 23 1999 - 01:52:12 CST