Oracle FAQ Your Portal to the Oracle Knowledge Grid
Home -> Community -> Usenet -> c.d.o.server -> Re: Prevent Root access from database

Re: Prevent Root access from database

From: Billy <vslabs_at_onwe.co.za>
Date: 29 Jul 2005 04:06:47 -0700
Message-ID: <1122635207.334019.312200@z14g2000cwz.googlegroups.com>


DA Morgan wrote:

> I understand your sentiment but it is no longer reasonable in the US and
> some other countries to take that approach.
>
> If root can access the database, without auditing, then you have a clear
> cut violation of United States Federal law.

Daniel, we also have laws about privacy and about lawful intercept and so on.

And I agree that a 'sensitive' database should be protected at sysdba level via auditing (which means any user and not just root gets audited at that level).

But to attempt to change the fundamental o/s and security architecture - like denying root su access into an oracle account - that I do have a problem with.

The issue is putting the horses in front of the cart. Business not only stating the problem (root can access Oracle as sysdba), but also the solution (hack the o/s to prevent this). Not to mention that the problem is too vague to determine the solution. What needs to be protected on the database side?

Fine, a hack gets implemented that denies root access to su into oracle and do a sqlplus "/ as sysdba". (Which begs the question: just how the hell are you going to start the database instance at boot time if root cannot su into oracle?)

But seeing as the sensitive data is not encrypted, nothing prevents root from running tcpdump and reading all the clear text data being delivered to the clients. Nothing prevents root from hacking into Oracle processes and memory. Or just simply dumping data directly from the physical Oracle datafiles.

The problem solution is not "prevent Root access from database", as it is a totally meaningless solution that does not even address the perceived problem.

--
Billy
Received on Fri Jul 29 2005 - 06:06:47 CDT