Oracle FAQ | Your Portal to the Oracle Knowledge Grid |
Home -> Community -> Usenet -> c.d.o.server -> Re: Securing isqlplus
Alison Holloway wrote:
> Daniel Morgan wrote:
> >
> > What is scary is Oracle sacrificing its so far excellent record in data
> > security to a new front-end tool that isn't and over which they have no
> > control.
> >
> > Please Alison ... tell me it ain't so.
> > --
> > Daniel Morgan
> > http://www.outreach.washington.edu/extinfo/certprog/oad/oad_crs.asp
> > damorgan_at_x.washington.edu
> > (replace 'x' with a 'u' to reply)
> >
> >
>
> I'm not sure why you are saying iSQL*Plus isn't secure. It can be, easily. It is up to the
> server administrator to run iSQL*Plus in HTTPS or HTTP. The choice is available. The
> administrator has full control over this.
>
> Alison
You also said that after purchasing Oracle software one must separately negotiate the purchase of a certificate from a CA company. Which I translate into meaning that you are selling an insecure product in the same way that IBM's DB/2 requires Tivoli or similar third-party products.
Have I misunderstood? And if not why can't Oracle bundle what I need onto the CD? I can tell you with little hesitation of being contradicted that if my original interpretation is correct it does not bode well for the future.
-- Daniel Morgan http://www.outreach.washington.edu/extinfo/certprog/oad/oad_crs.asp damorgan_at_x.washington.edu (replace 'x' with a 'u' to reply)Received on Tue May 20 2003 - 18:32:43 CDT