Oracle FAQ | Your Portal to the Oracle Knowledge Grid |
Home -> Community -> Usenet -> c.d.o.server -> Re: Password protect DBA role
aschexna_at_hotmail.com wrote:
> I'm getting beat up by the Sar/Oxy auditors because the DBA role is not
> password protected. The only schemas that are granted this role are SYS
> and SYSTEM. I've tried to explain that the DBA is a default role for
> SYS and SYSTEM and setting a password is useless, but to no avail.
>
> This is the 3rd company I've worked for as an Oracle DBA and I have
> never seen the DBA role password protected. Can anyone come up with a
> valid reason for password protecting the DBA role?
I have been asked the same thing with my own roles in database. Oacle
lets you specify a password when defining your roles, but password is
invoked ony when one is
using set role in application.
Auditors have read that roles can be protected by paswords in Oracle and there seems some common list which many SOX auditors have access to, so they alwyas ask such questions. Received on Fri Mar 03 2006 - 21:24:15 CST