Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Usenet -> c.d.o.server -> Re: Adding some random characters to Oracle password

Re: Adding some random characters to Oracle password

From: Jeff <jeff_at_work.com>
Date: Mon, 01 Nov 2004 15:43:30 GMT
Message-ID: <cm5lj2$qe9$1@cronkite.cc.uga.edu> 





In article <jmlbo0lrrlgk48kfl44qfmdc684ma993v9_at_4ax.com>, kirmo.uusitalo.no.spam_at_iki.fi wrote:



>One question came to my mind:

>Where does the Progname actually derive?

>

>If it is just the OS executable name couldn't a hacker could just do

>c:\oracle\bin\> rename sqlplus.exe isqlplus.exe

>to bypass the fine security measures you have just created?




Yes, it's as simple as renaming the executable.  Thought of this myself.  
Also, I'm guessing Howard is running his sqlplus from a unix box because he 
doesn't  use "sqlplus.exe" in his example code.
Received on Mon Nov 01 2004 - 09:43:30 CST












Original text of this message













  HOME |
  ASK QUESTION |
  ADD INFO |
  SEARCH |
  E-MAIL US