Oracle FAQ | Your Portal to the Oracle Knowledge Grid |
Re: Anyway to allow root to 'sqlplus / as sysdba'??

Rhugga wrote:
> Well, to monitor over 2000 instances. We use PowerBroker and a few
> other auditing tracking implementations. Our problem stems from some
> stuff that uses raw socket I/O. Believe me, I have been writing
> software for 15 years, I have tried all the usual work-arounds.
> Denying root access was hard-coded in Oracle 7.x/8x/9.x but I thought I
> read where Oracle was changing this. (maybe with 11)
>
> And letting root have sqlplus access is no more dangerous than letting
> the oracle user, since everything is owned by oracle, that user can be
> just as damaging. (after all, this is UNIX) It boils down to writing
> secure robust code. If your security policy revolves around simply not
> letting root use sqlplus directly, you have bigger problems to worry
> about. Otherwise why is this allowed:
>
> /sbin/su - oracle -c /path/to/my/script/that/drops/all/SYS/objects
>
> Or this:
>
> /sbin/su - oracle -c /tmp/script_that_deletes_a_datafile
>
> How are those more secure?
>
> Furthermore, why can root login interactively with a password?
>
> The only issue here is how raw socket I/O is handled on pseudo tty's.
> What we are trying to do is actually _more_ secure than the /sbin/su
> method.
>
> And I highly recommend you take remedial security. Unless you wanna
> post some arguments to your claim.
>
Of course, root can only login from the physically attached console, not from any remote, so what's the problem again?
--
Regards,
Frank van Bortel

Top-posting is one way to shut me up...

Received on Sat Nov 26 2005 - 07:16:24 CST