Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Usenet -> c.d.o.server -> Re: OK to revoke privileges from SYS or DBA?

Re: OK to revoke privileges from SYS or DBA?

From: DA Morgan <damorgan_at_x.washington.edu>
Date: Tue, 07 Dec 2004 12:35:32 -0800
Message-ID: <1102451628.372088@yasure> 





davidsharples_at_gmail.com wrote:


>>Then again I also don't install Oracle with a user account named




> 

> Oracle.

> 


>>Don't create groups named oinstall and dba on *NIX platforms and




> 

> don't

> 


>>use port 1521 so I guess that puts me well outside the curve.
>>--
>>Daniel A. Morgan
>>University of Washington
>>damorgan_at_x.washington.edu
>>(replace 'x' with 'u' to respond)




> 

> 

> 

> How is that any more secure? - Security by obscurity doesnt mean you

> are secure

> 

> Also i dont agree with dropping any roles, dont like them - then dont

> use them.




I can agree with you on the roles though I drop them just to force the
process of thinking through their replacements.



With respect to security through obscurity ... it is just one part of
a multilayered defense that starts with a firewall, utilizes logon
triggers, and many many other means.


-- 
Daniel A. Morgan
University of Washington
damorgan_at_x.washington.edu
(replace 'x' with 'u' to respond)


Received on Tue Dec 07 2004 - 14:35:32 CST












Original text of this message













  HOME |
  ASK QUESTION |
  ADD INFO |
  SEARCH |
  E-MAIL US