Oracle FAQ | Your Portal to the Oracle Knowledge Grid |
Home -> Community -> Usenet -> c.d.o.server -> Re: How to Forbid sqlplus connecting to ORACLE
There is a product profile table that can prevent users from executing most commands from SqlPLus ( they can desc and exit
for instance but nothing else)..
Can't remember exactly how to set it up, but a search at
http://tahiti.oracle.comn
for Product Profile ( or some variant) should reveal all..
hth,
Kenneth Koenraadt wrote:
>That's not what you want ?! But it was in fact what you asked
>for....Take the time to formulate the question, it pays off :-)
>
>Anyway, *forget the whole thing*. Every user having a basic Oracle
>client installed on his PC can connect via SQL*PLUS, TOAD or any free
>interface downloadable from the internet. If you try to trap these
>with Logon Triggers, periodic checks of v$session or something third,
>users can easily bypass it by renaming the client program or other
>hacks, e.g. on W2K :
>
>
>C:\>copy c:\oracle\ora92\bin\sqlplus.exe c:\oracle\ora92\bin\hack.exe
>C:\> c:\oracle\ora92\bin\hack.exe
>
>SQL> select program from v$session;
>
>PROGRAM
>----------------------------------------------------------------
>ORACLE.EXE
>ORACLE.EXE
>ORACLE.EXE
>ORACLE.EXE
>ORACLE.EXE
>ORACLE.EXE
>hack.exe
>
>
>
>If connection via SQL*PLUS is so obviously dangerous/inappropriate,
>you should have no problem explaining that to the users.
>
>
>- Kenneth Koenraadt
>
>
>On Wed, 18 Jun 2003 16:56:35 +0800, "Grant" <goddabao_at_yahoo.com>
>wrote:
>
>>OOPS, That's not what I want!
>>If I stop the listner, my Client application will not work, they are
>>connected to the Oracle Server via ODBC. In fact, I just want the user can
>>only using our Client Program instead of using sqlplus to operate the DB
>>directly.
>>
>><Kenneth Koenraadt> wrote in message
>>news:3ef02148.2921160_at_news.inet.tele.dk...
>>> On Wed, 18 Jun 2003 15:50:16 +0800, "Grant" <goddabao_at_yahoo.com>
>>> wrote:
>>
>>> Hi Grant,
>>>
>>> Odd request, I hope you are aware that Svrmgrl is gone with 9i ?!
>>>
>>> Anyway, if you only want connection with Svrmgrl from the Host, simply
>>>
>>> 1) Turn off the listener for the instance, thus forcing users to
>>> connect from the host only (by setting ORACLE_SID)
>>>
>>> 2) Remove sqlplus from the host.
>>>
>>> .....Think twice !
>>>
>>> - Kenneth Koenraadt
>>
>>
>>
----== Posted via Newsfeed.Com - Unlimited-Uncensored-Secure Usenet News==---- http://www.newsfeed.com The #1 Newsgroup Service in the World! >100,000 Newsgroups ---= 19 East/West-Coast Specialized Servers - Total Privacy via Encryption =--- Received on Wed Jun 18 2003 - 10:21:31 CDT