Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Usenet -> c.d.o.server -> Re: changing password for user internal

Re: changing password for user internal

From: Sybrand Bakker <oradba_at_sybrandb.demon.nl>
Date: Thu, 03 Jan 2002 06:54:17 +0100
Message-ID: <rbs73uknn7n43glmebdkql2n0ifjaos5sc@4ax.com> 





On Wed, 02 Jan 2002 23:37:52 GMT, dsmcd <dsmcd_at_uswestmail.net> wrote:



>But you can connect as internal using a script or other sql tool, in 

>which case you don't have to be logged in on box at all. You could do 

>damage as long you can reach the ip and know the sid, correct? Or am I 

>being missing something here?

>

>

>>The idea behind this is if you

>>are already logged as an administrator on that box, you can screw up

>>Oracle already anyway (you don't need the internal password for that)





I described the situation when you are on that box, not remotely. To
use internal (or SYSDBA) remotely, you'll need to change the
remote_login_password_file parameter to allow SYS to connect as
SYSDBA.



Internal is a completely *local* thingy. If you can hack the
administrator password of that box, who is going to stop you anyway?



Hth



Sybrand Bakker, Senior Oracle DBA



To reply remove -verwijderdit from my e-mail address
Received on Wed Jan 02 2002 - 23:54:17 CST












Original text of this message













  HOME |
  ASK QUESTION |
  ADD INFO |
  SEARCH |
  E-MAIL US