I have a few security related questions and would like to hear from you
if these are really an issue in the real world. If yes what their
risks are. Any comments are appreciated.
- In the init.ora file, is it mandatory that we need to have the
entries REMOTE_OS_AUTHENT and OS_AUTHENT_PREFIX. If yes, what values
should be set? True or False?
- Using grep -i dba/etc/group and I have the following result:
dbadev::511: and dba::510:secadm. Would these be appropriate? If not,
what would be the risk?
- In the dba_profiles table, the SESSIONS_PER_USAER is set to
unlimited.
- In the dba_profiles table, the password settings are all set to
DEFAULT.
- In the system tablespace, we have a lot of objects that are owned by
non SYS account.
- Have a few entries in the sys.link$ whose passwords are not null.
Does Oracle have any offical recommendations on these items? Thanks.
Received on Tue Sep 27 2005 - 18:22:53 CDT