Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Usenet -> c.d.o.server -> Re: Alert log

Re: Alert log

From: Joel Garry <joel-garry_at_home.com>
Date: 22 Jul 2004 16:59:06 -0700
Message-ID: <91884734.0407221559.196c888e@posting.google.com>


"Christian Antognini" <christian.antognini_at_trivadis.com> wrote in message news:<41000af3_at_post.usenet.com>...
> **** Post for FREE via your newsreader at post.usenet.com ****
>
> Hi Mark
>
> > Chris, trace files can and often do contain sensitive data (when bind
> > variable traces are in effect). Allowing wide open access to the
> > trace directories is a security hole and an audit hit if your firm has
> > competent auditors.
>
> Of course these directories can contain sensitive data, i.e. wide open
> access is not a good solution!
> But when a developer has access to the database, she/he has access to some
> sensitive data as well.... therefore I don't understand why such a developer
> should not be able to access the tracefiles!
>
> Chris
>

I would think there might be a difference between dev and production boxes. Giving developers (even good ones) access to a production instance is not generally a good thing. If you have sensitive data, you might not want it to be on a dev box. And if you have a box with development and production instances, you might have some other problems which throws everything in managements lap anyways. And if everyone has root passwords...

jg

--
@home.com is bogus.
Cow tipping.  http://www.siliconvalley.com/mld/siliconvalley/news/editorial/9218957.htm
Received on Thu Jul 22 2004 - 18:59:06 CDT

Original text of this message

HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US