Re: Security question.

"Frank van Bortel" <fvanbortel_at_netscape.net> wrote in message news:d5ah9f$m29$1_at_news3.zwoll1.ov.home.nl...
> Shabble wrote:
>> Oracle version embedded.
>> Situation :- logged in to the UNIX account which owns Oracle, and opening
>> Sqlplus with the sys account.
>> Problem:- The sys account doesn't seem to care what password is used,
>> anything seems to do!
>> Question:- Why? Is this normal or is my system iffy?
>>
>> SQL*Plus: Release 9.2.0.4.0 - Production on Wed May 4 13:40:43 2005
>>
>> Copyright (c) 1982, 2002, Oracle Corporation. All rights reserved.
>>
>> SP2-0640: Not connected
>> SQL> connect sys/zzzxxx as sysdba
>> Connected.
>> SQL> exit
>> Disconnected from Oracle9i Enterprise Edition Release 9.2.0.4.0 - 64bit
>> Production
>> With the Partitioning, Oracle Label Security, OLAP and Oracle Data Mining
>> options
>> JServer Release 9.2.0.4.0 - Production
>>
>> SQL*Plus: Release 9.2.0.4.0 - Production on Wed May 4 13:45:00 2005
>>
>> Copyright (c) 1982, 2002, Oracle Corporation. All rights reserved.
>>
>> SP2-0640: Not connected
>> SQL> connect sys/aaabbb as sysdba
>> Connected.
>> SQL> exit
>> Disconnected from Oracle9i Enterprise Edition Release 9.2.0.4.0 - 64bit
>> Production
>> With the Partitioning, Oracle Label Security, OLAP and Oracle Data Mining
>> options
>> JServer Release 9.2.0.4.0 - Production
>>
>> regards,
>> Shabble.
>>
>>
> As root, you can:
> poweroff -n -q
>
> Your system doesn't complain, either.
>
> You are logged on as *owner* of the software, and you tell
> oracle so, by using the 'as sysdba' clause. Oracle then only
> checks if you are the owner, if not - it'll trow an 1031.
>
> If you use sys, without the 'as sysdba' (or 'sysoper'), you'll
> also get an error. Yes - Oracle stil is picky!
>
> Oh - and it won't work remotely!
> --
> Regards,
> Frank van Bortel

Something I was thinking about : is it possible to prevent the log in of the Oracle owner ? Can we turn off OS authentication ? Received on Wed May 04 2005 - 16:12:35 CDT