Oracle 8.0.5 and DBA_AUTHORIZATION

I have recently installed Oracle 8.0.5 and am wondering what the recommended way of handling the change to the way DBA_AUTHORIZATION works in 8.0.5.

On our 7.3.3 database environment this registry parameter is set to BYPASS. This allows us to connect internal or connect / as sysdba without a password (without requiring any OS authentication ie NT groups etc). The parameter REMOTE_LOGIN_PASSWORDFILE is set to NONE.

In the 8.0.5 environment, I can only connect as internal without a password if i set the DBA_AUTHORIZATION registry parameter to the internal password. I also must have the REMOTE_LOGIN_PASSWORDFILE set to SHARED or EXCLUSIVE. I still have not figured how to connect / as sysdba in the 8.0.5 environment without a password.

I am also concerned that allowing a connect internal or connect / as sysdba without passwords are potential security problems. We do have some batch files that are scheduled to run on the server that connect as internal to startup/shutdown the instances and by using connect internal, we do not have to embed passwords in these files.

I would be interested in knowing what people think of allowing connect internal or connect / as sysdba without passwords. Also is setting DBA_AUTHORIZATION to the internal password a good idea? How can I connect / as sysdba without a password (Do I need to if connect internal works?) and is this a good idea?

Any thoughts appreciated.
Ken White Received on Tue Apr 27 1999 - 01:42:36 CDT