Re: Connect internal

"Sybrand Bakker" <postbus_at_sybrandb.demon.nl> wrote in message news:tamo7dmserf809_at_beta-news.demon.nl...
>
> "Van Messner" <vmessner_at_bestweb.net> wrote in message
> news:5Azq6.1412$FQ3.131727_at_monger.newsread.com...
> > connect sys as sysdba then change the sys password
> >
> >
> > "fogun" <nospam_at_spam.net> wrote in message
> > news:a_yq6.1167$T45.597968_at_news2.cableinet.net...
> > > Hi all,
> > >
> > > Can anyone explain to me why I can issue an connect internal command
 at
> > > SQL>? and it connects to the database without using a password. If I
 issue
> > > the same command connect internal/password, gives the same result.
> > >
> > > How can I protect connect internal.
> > >
> > > F
> > >
> > >
> >
> >
> Sorry to say so, but this answer is incorrect.
> As he is capable of using connect internal without password he uses OS
> authentication. So changing the password wouldn't make any difference.
> Of course this works on the server only.
> On NT you could try to remove the ORA_DBA local group.
> On Unix implementations of Oracle you can't disable this at all, and why
> should you, as you are already connected to the server as a privileged
user.

I may be wrong, but I thought on Unix that it was membership of the 'dba' group that gained you O/S authentication rights. Hence, removal of that group, or all entries within it, would effectively 'switch off' O/S authentication on Unix, and force the use of Password File authentication.

I can't see why Unix should be different in this regard as compared with NT (but I'm willing to learn!)

Regards
HJR
>
> Regards,
>
> Sybrand Bakker, Oracle DBA
>
>
>
>
Received on Sun Mar 11 2001 - 05:43:55 CST