| Oracle FAQ | Your Portal to the Oracle Knowledge Grid | |
 |
 | |||
| Oracle FAQ | Your Portal to the Oracle Knowledge Grid | |
|
| |||
Home -> Community -> Usenet -> c.d.o.server -> Re: Restricting internal access to users.
I am using Oracle 8.1.7 on Windows 2000 server. Also, I am not using
OS authentication. But I guess like Quarkman said, I shouldn't grant
connect and resource roles to a user. May be I should create another
role with specific privileges and grant that role??
thanks all of you guys for responding.
Daniel Morgan <damorgan_at_exxesolutions.com> wrote in message news:<3F383250.5B6738C8_at_exxesolutions.com>...
> jiju wrote:
>
> > hello,
> >
> > How do I restrict internal account access to database users? I created
> > a user called user1 and granted him connect and resource privileges.
> > Now after I connect as user1, I tried 'connect internal' and I get
> > connected to the database as 'SYS' which is dangerous. How can I
> > restrict this such that when user1 tries to 'connect internal' it will
> > prompt for the password. Please help.
> >
> > Thanks in advance.
> >
> > jiju
>
> Log on as SYS and perform the following:
>
> DROP ROLE connect;
> DROP ROLE resource;
> DROP ROLE dba;
>
> That is what Oracle recommends.
>
> Now create specific roles that relate to what people actually do and
> assign those to your users.
Received on Wed Aug 13 2003 - 10:53:21 CDT
 |
 |