Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Usenet -> c.d.o.server -> Re: Help: How to make "connect sys as sysdba" asking for password

Re: Help: How to make "connect sys as sysdba" asking for password

From: Sybrand Bakker <gooiditweg_at_sybrandb.verwijderdit.demon.nl>
Date: Fri, 25 Jun 2004 20:27:47 +0200
Message-ID: <hfrod0phra7agiignrk5dn5o0kioq40o9g@4ax.com> 





On Fri, 25 Jun 2004 11:45:57 GMT, "charlie cs"
<cfs3526(no-spam)@ureach.com> wrote:



>Hi group,

>

>I am using Oracle 9202 on Red-Hat Linux.

>

>In my company, everybody can sudo to ora92, which belongs to Oracle user

>group.

>

>And every body can do "sqlplus /nolog", "connect sys as sysdba",  when type

>password,  I type anything, oracle will accept it, even though I set the

>password through "orapwd".

>

>What did I do wrong??

>

>some init parameters

>

> os_roles

>FALSE


>

>remote_os_authent

>FALSE


>

>




Nothing. This is by design. Only users of the dba group have access to
this. If you set up an insecure system by allowing everyone to su to
Oracle, this is the result.



If you don't want this you have 2 options
- block the sudo to Oracle (preferred, as everyone can throw away your
database files)


- remove the Unix dba group.



--
Sybrand Bakker, Senior Oracle DBA


Received on Fri Jun 25 2004 - 13:27:47 CDT












Original text of this message













  HOME |
  ASK QUESTION |
  ADD INFO |
  SEARCH |
  E-MAIL US