Oracle FAQ | Your Portal to the Oracle Knowledge Grid |
Home -> Community -> Usenet -> c.d.o.server -> Re: Help: database security
In article <8vi893$hh315_at_inetbws1.citec.com.au>,
Wilko_at_yoa.com (Wilko) wrote:
> Hi All,
>
> I want to stop programmers being able to log into
> the production database and making changes.
>
> How can I keep the login/password secret when
> it is hard coded into the API that connects to the
> database.
>
> I know don't hard code it. But what is the alternative?
>
> Thanks,
> Chris
>
1 force the users to enter a username and a password
2 use a fixed Oracle user and develop your own login mechanism (see
http://osi.oracle.com/~tkyte)
3 use ops$ accounts
4 put passwords on the roles in use. I have a feeling though in this
case they would again hardcode it in the app
Hth,
-- Sybrand Bakker, Oracle DBA All standard disclaimers apply ------------------------------------------------------------------------ Sent via Deja.com http://www.deja.com/ Before you buy.Received on Thu Nov 23 2000 - 05:55:26 CST