Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Usenet -> c.d.o.server -> Re: Password protect DBA role

Re: Password protect DBA role

From: <dbaplusplus_at_hotmail.com>
Date: 3 Mar 2006 19:24:15 -0800
Message-ID: <1141442654.950707.134490@v46g2000cwv.googlegroups.com>

aschexna_at_hotmail.com wrote:
> I'm getting beat up by the Sar/Oxy auditors because the DBA role is not
> password protected. The only schemas that are granted this role are SYS
> and SYSTEM. I've tried to explain that the DBA is a default role for
> SYS and SYSTEM and setting a password is useless, but to no avail.
>
> This is the 3rd company I've worked for as an Oracle DBA and I have
> never seen the DBA role password protected. Can anyone come up with a
> valid reason for password protecting the DBA role?

I have been asked the same thing with my own roles in database. Oacle lets you specify a password when defining your roles, but password is invoked ony when one is
using set role in application.

Auditors have read that roles can be protected by paswords in Oracle and there seems some common list which many SOX auditors have access to, so they alwyas ask such questions. Received on Fri Mar 03 2006 - 21:24:15 CST

Original text of this message

HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US