Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Usenet -> c.d.o.server -> Re: Prevent Root access from database

Re: Prevent Root access from database

From: DA Morgan <damorgan_at_psoug.org>
Date: Thu, 28 Jul 2005 00:53:50 -0700
Message-ID: <1122537195.777141@yasure> 





PhilB wrote:


> Weve got a new security drive underway in our organisation, one of the

> concerns that was raised was that access to the database on our unix

> server should be prevented from the root user.  I'm preparing to put

> the argument that the root user is the system admin and as a result can

> do anything, e.g "su" to oracle user account and gain access via a

> "connect / as sysdba" (even if we remove sysdba, surely root can put it

> back !)  Is this correct , anyone got any experience of preventing root

> users getting into the database to see the data ?.




Assuming you are in the US determine if this request is based on
Sarbanes-Oxley, HIPPA, FACTA or other legal requirements. If it
is ask for a conference between the corporate legal counsel or
auditing consultants and the IT staff to clearly understand the
law and the implications of various pathways.



What you are facing is not unique ... and in the US it IS the law.



Those that don't wish to comply, or react like Billy, are not going
to last long in the new environment that has been created post-Enron.

-- 
Daniel A. Morgan
http://www.psoug.org
damorgan_at_x.washington.edu
(replace x with u to respond)


Received on Thu Jul 28 2005 - 02:53:50 CDT












Original text of this message













  HOME |
  ASK QUESTION |
  ADD INFO |
  SEARCH |
  E-MAIL US