| Oracle FAQ | Your Portal to the Oracle Knowledge Grid | |
 |
 | |||
| Oracle FAQ | Your Portal to the Oracle Knowledge Grid | |
|
| |||
Home -> Community -> Usenet -> c.d.o.server -> Re: Oracle9i/AIX5.2: multiple sys (sysdba) passwords Question
Alvaro Fuentes wrote:
>
> Sybrand Bakker wrote:
>
>> On Sun, 11 Jul 2004 08:31:34 GMT, "A. Fuentes" <alvarof2_at_hotmail.com> >> wrote: >> >> >>> Fellow Oracle users: >>> >>> I am running Oracle 9.2.0.2 on AIX 5.2. >>> >>> I did >>> >>> rm $ORACLE_HOME/dbs/orapw >>> >>> Thereafter I did, as the oracle:dba AIX user: >>> >>> orapwd file=$ORACLE_HOME/dbs/orapw password=changed entries=30 >>> >>> (the orapwd command executed OK, no error returned), >>> and I can authenticate not only by running: >>> >>> sqlplus sys/"changed as sysdba" >>> >>> but with some other passwords. >>> >>> How is this possible? (Shouldn't the password "changed" be unique and >>> the >>> only one for sys (as sysdba)? >>> >>> Any light on this issue will be greatly appreciated. >>> >>> >>> Best, >>> >>> A. Fuentes >>> 512-297-9937 >>> >>> >> >> If you are on the server doing this and you installed the Oracle files >> are owned by the Unix group dba, yes: you can use anything to >> connect, by design. On Unix platforms all users in the dba group have >> SYSDBA privilege, by design. >> Right now, you have several options: >> - Make sure the Oracle password can't be guessed >> - Remove all other users from the dba group >> - If you still think there are people who will misuse the Oracle >> account, make sure they are fired. >> >> And of course, this is documented in the installation manual no one >> cares to read. >> >> >> -- >> Sybrand Bakker, Senior Oracle DBA
Thanks Received on Sun Jul 11 2004 - 14:45:01 CDT
 |
 |