Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Usenet -> c.d.o.server -> Security issue with Oracle 8i

Security issue with Oracle 8i

From: Pablo Gomez <pgomeza_at_adinet.com.uy>
Date: 25 Apr 2002 17:01:56 -0700
Message-ID: <962f505f.0204251601.2f5b19b@posting.google.com> 





Hello:



   I have a question about security in an Oracle database. As I know
when your Unix user belongs to the group "dba" gives you the
privileges sysdba or sysoper. Thus you can startup, shutdown the
instance (and other tasks). It also lets you connect via "connect / as
sysdba" without doing any security check by Oracle than that you
belong to the "dba" group. In this way your are connection as Oracle
user "sys" and then you get access to all the database objects
(tables, views, ...).



   So I think that the Unix administrator of the server can give any
Unix user the group "dba" (including root) and then connect and get
access to the database. In this way I don't see separate rights with
the Unix administrator and the Oracle administrator.



   Is this ok? Can I deny access to the Unix administrator, so he must
have an Oracle user the access the database?



   Thanks in advance,



   Pablo Gomez


   Twins Informatica


   Montevideo/Uruguay
Received on Thu Apr 25 2002 - 19:01:56 CDT












Original text of this message













  HOME |
  ASK QUESTION |
  ADD INFO |
  SEARCH |
  E-MAIL US