Re: root logging as internal

Answers embedded

<aanon_1_at_hotmail.com> wrote in message news:8cd127$26l$1_at_nnrp1.deja.com...
> Hello all,
>
> Hopefully there is a work around to this "issue". However, so far I
> have not been able to resolve it.
>
> Last week one of our UNIX admins took the liberty to log into Oracle
> via the internal account and created himself a Oracle ID. In essence
> he did this
>
> $ su - oracle
>
> $ svrmgrl
>
> svrmgr > connect internal
>
> And he was off to the races. Seeing that this is a gaping hole in our
> security I tried a variety of items including using the orapwd
> utility. I ended up calling Oracle, and they said that since root is a
> special account and can su to anything, they can log into Oracle as
> they see fit.
>
> I'm having a tough time believing this. So...
>
> 1) Is this true?

Yes!

> 2) If there is a work around could you pls post it.
>

Fire your admin
At some point you simply should trust a person and/or log all his actions on a hardcopy terminal.
If you don't trust him, don't give them job. One of the facts in live in Unix is anyone knowing the root password can do anything.

> I am aware of the audit files (.aud), but they are only useful after
> the fact.
>
> TIA,
>
> anon_1
>
>
> Sent via Deja.com http://www.deja.com/
> Before you buy.

Hth,

Sybrand Bakker, Oracle DBA Received on Tue Apr 04 2000 - 00:00:00 CDT