Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Usenet -> c.d.o.server -> Re: connecting automatically as sys

Re: connecting automatically as sys

From: Joe <nospam_at_joekaz.net>
Date: Sun, 25 Jul 2004 14:05:26 -0400
Message-ID: <KDSMc.24618$ok7.13594@fe03.usenetserver.com> 





On 07/24/2004 06:41 PM, Daniel Morgan said:

> Joe wrote:
> 




>>On 07/20/2004 11:25 PM, Hans Forbrich said:

>>

>>>...

>>>5) I can think of no valid reason, at least effective Oracle8i, to 

>>>attempt

>>>ANY coding against SYS.  Playing at that level is roughly equivalent to

>>>coding against the kernel data structures of a proprietary (closed 

>>>source)

>>>OS.  

>>

>>

>>Does a password_verify_function still have to be owned by SYS?   If so, 

>>I wish oracle would change that.

>>


> 
> 
> Why? A strong desire to compromise security?






Not at all - why do you suggest that?



If I need to update the password verify function across 800+ 
instances, and o7_dictionary_accessibility=false as it should be, it 
can be a pain to connect as sys across that many servers.   If the 
function could be created in another schema, it's pretty easy for me 
to loop through all 800 instances from one central place, and do the 
create or replace.   Also, since exp/imp doesn't handle sys objects 
like a normal schema, it's just one more thing that you have to 
handle differently.



Actually, I wish Oracle would add some more profile parameters such 
as minimum_length=6 and non_alpha_required=2, so you could do a much 
better job without the verify_function.


-- 
Joe
http://www.joekaz.net/
http://www.cafeshops.com/joekaz


Received on Sun Jul 25 2004 - 13:05:26 CDT












Original text of this message













  HOME |
  ASK QUESTION |
  ADD INFO |
  SEARCH |
  E-MAIL US