Re: OK to revoke privileges from SYS or DBA?

On 2004-12-08, Anurag Varma <avdbi_at_hotmail.com> wrote:
>
> Right! Its so highly secure that you can't stop telling us the details.
> A little more prodding and I think you'll tell us the special sys password you chose for it also.
>

 Anurag, you are taking it personal - please do not. If I am REALLY so annoying - sorry, mate( I do not think so, however:-))

Do you really think that deleteion of DB schema is only security step to be taken? :-)
And will it really help if I tell you "special sys pasword"? Ok - write it down : "CHANGE_ON_INSTALL" :-)

I agree with you and I explicitely stated that before - it is not common practice, it should not be done in everyday activty. I agree, so please do not waste your time.

BTW, since we already started this topic - what would you, Anurag, recommend to do for getting "out of the box installation" reasonably secure? I really would like to know, please answer. Also it will be good for others, and that can be kind of "What is right thing to do" advice.

From my side, I would recommend (as DM did) do not use well -known roles and accounts, create in your DB only those components, you really need and never use DBCA.

And, thank you for your answers - even when we are "fighting" - we all having fun, do we? :-)

Have a great day, guys! Received on Tue Dec 07 2004 - 22:35:10 CST