Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Usenet -> c.d.o.server -> Re: A few security questions

Re: A few security questions

From: <jkstill_at_gmail.com>
Date: 27 Sep 2005 17:20:46 -0700
Message-ID: <1127866846.820888.197650@g47g2000cwa.googlegroups.com> 





I will tackle a couple of these.



remote_os_authent:  in most cases this should be set to false. I've
never worked in an environment where setting it to true would be a good
thing.



If you set it to true in a out of the box Oracle installation, it makes
it very easy for someone else to logon as SYSDBA.  I've done it a few
times from my laptop here at work for demonstration purposes.



os_authent_prefix:  The value preferred by most folks is an empty
string - eg. ''



If you are using SAP, it should be set to "OPS$"  - any other value is
very confusing to SAP consultants.  ;)



This value is used for external authentication.



User Profiles:  It is usually a good idea to create profiles that
reference a password verification routine, one that enforces (to the
extent possible)a strong password.



I also assign one to the default profile to ensure that an account
cannot be created without a good password.



Probably the best availailable book on Oracle Security is this one:
http://www.amazon.com/exec/obidos/tg/detail/-/0974372749



You might considering getting a copy.



Jared
Received on Tue Sep 27 2005 - 19:20:46 CDT












Original text of this message













  HOME |
  ASK QUESTION |
  ADD INFO |
  SEARCH |
  E-MAIL US