Re: restricting listener access

FM <fabrizio.magni_at_mycontinent.com> wrote in message news:<4151266f$2_at_x-privat.org>...
> Yong Huang wrote:
> >
> > The "problem" still exists in 9i. I can't test on 10g since I only
> > have one installation of 10g on my PC so I can't remotely stop the
> > listener (my remote machine has 9i; attempting to stop it returns
> > TNS-12618: TNS:versions are incompatible).
> >
> > The commands you can send this way are stop, save_config and reload.
> > See item 16 at http://rootshell.be/~yong321/computer/OracleIdiosyncrasies.html.
> > A few years ago I opened a Tar with Oracle for a better solution. They
> > told me setting password in listener.ora is the only way.
...
>
> for the listener: I feared the password was the only solution... and I
> don't really like it.
>
> Better than nothing, but still not the optimum.

I just set up another 10g database on another Windows XP. I tried to stop the listener remotely and got error new to 10g "TNS-1189: The listener could not authenticate the user". The Cause of the error in documentation says "The user is attempting to administer the listener from a remote node".

A little off-topic. 10g also solved another minor security problem: literal characters in wrapped PL/SQL code are shown in plain text (see http://groups.google.com/groups?selm=b3cb12d6.0205231329.6f0a4f5e%40posting.google.com). Not any more.

Yong Huang Received on Sun Sep 26 2004 - 17:32:21 CDT