Oracle FAQ | Your Portal to the Oracle Knowledge Grid |
Home -> Community -> Usenet -> c.d.o.server -> Re: Security question.
"Matthias Hoys" <idmwarpzone_NOSPAM__at_yahoo.com> wrote in message
news:42793ac3$0$22221$ba620e4c_at_news.skynet.be...
>
> "Frank van Bortel" <fvanbortel_at_netscape.net> wrote in message
> news:d5ah9f$m29$1_at_news3.zwoll1.ov.home.nl...
>> Shabble wrote:
>>> Oracle version embedded.
>>> Situation :- logged in to the UNIX account which owns Oracle, and
>>> opening
>>> Sqlplus with the sys account.
>>> Problem:- The sys account doesn't seem to care what password is used,
>>> anything seems to do!
>>> Question:- Why? Is this normal or is my system iffy?
>>>
>>> SQL*Plus: Release 9.2.0.4.0 - Production on Wed May 4 13:40:43 2005
>>>
>>> Copyright (c) 1982, 2002, Oracle Corporation. All rights reserved.
>>>
>>> SP2-0640: Not connected
>>> SQL> connect sys/zzzxxx as sysdba
>>> Connected.
>>> SQL> exit
>>> Disconnected from Oracle9i Enterprise Edition Release 9.2.0.4.0 - 64bit
>>> Production
>>> With the Partitioning, Oracle Label Security, OLAP and Oracle Data
>>> Mining
>>> options
>>> JServer Release 9.2.0.4.0 - Production
>>>
>>> SQL*Plus: Release 9.2.0.4.0 - Production on Wed May 4 13:45:00 2005
>>>
>>> Copyright (c) 1982, 2002, Oracle Corporation. All rights reserved.
>>>
>>> SP2-0640: Not connected
>>> SQL> connect sys/aaabbb as sysdba
>>> Connected.
>>> SQL> exit
>>> Disconnected from Oracle9i Enterprise Edition Release 9.2.0.4.0 - 64bit
>>> Production
>>> With the Partitioning, Oracle Label Security, OLAP and Oracle Data
>>> Mining
>>> options
>>> JServer Release 9.2.0.4.0 - Production
>>>
>>> regards,
>>> Shabble.
>>>
>>>
>> As root, you can:
>> poweroff -n -q
>>
>> Your system doesn't complain, either.
>>
>> You are logged on as *owner* of the software, and you tell
>> oracle so, by using the 'as sysdba' clause. Oracle then only
>> checks if you are the owner, if not - it'll trow an 1031.
>>
>> If you use sys, without the 'as sysdba' (or 'sysoper'), you'll
>> also get an error. Yes - Oracle stil is picky!
>>
>> Oh - and it won't work remotely!
>> --
>> Regards,
>> Frank van Bortel
>
> Something I was thinking about : is it possible to prevent the log in of
> the Oracle owner ? Can we turn off OS authentication ?
>
no, but you can lock down the os account so no-one can log in as that user Received on Wed May 04 2005 - 16:51:01 CDT