Proxy Logins and Auditing
I have recently inherited a database that uses proxy authentication at
the OS level. I'm still trying to understand the auditing that is in
place, but it appears the audit records are written to the OS and are
controlled by the Unix admins. Now, access to the Unix Oracle account
is secure, as I must log in as myself and use sudo to su to oracle.
However, the proxy authentication into the database is then done as
"oracle", meaning anyone who has access to su to oracle can then get
into the database without a password. What makes me uneasy is that 2
(or more) DBAs could access the oracle account concurrently, and the
audit trail may not provide sufficient information on who did what
activities. The Sys admins say they can correlate the database
activity to the OS terminal session, and then correlate that to who
logged in on that terminal. Seems like a lot of effort involved if we
need to find out who did what, when we could collect the same
information much more easily by forcing each DBA to have a dedicated DB
account.

Looking for a little feedback on how others do it. All of my other databases are set up with each DBA having their own account, and auditing records being written to the database. I can understand the concern with that, as the DBA could truncate the table, and don't have a big problem with the audit records going to the OS instead.

Am I completely off track in thinking the above proxy method has some holes in it? In your companies, is this policy (individual vs shared DB account) dictated by your DBA team or your Information Security officers?

Received on Mon Oct 16 2006 - 21:28:07 CDT