
Re: Password Management and Database Security

From: DA Morgan <damorgan_at_psoug.org>
Date: Mon, 11 Dec 2006 16:51:12 -0800
Message-ID: <1165884671.987788@bubbleator.drizzle.com>


Shailesh wrote:
> Hello,
>
> One of our customers follows a single-user environment. All schema
> objects are owned by this user, who has the DBA privilege. The
> application internally connects to the database using the same user
> and password, but for login different application users are
> available. In short, when the login dialog is launched by the
> application, the application has already connected to the database
> internally and looks up the entered application user and password in
> one table to allow the user to enter. Although we can see several
> hundred sessions to the database, all are using the same database
> user.
>
> Recently they have faced a few issues and would like to enhance the
> current user password management strategy.
>
> Issues:
> ------------
> Since the same database user is used for the application and also for
> connecting via tools like SQL*Plus, TOAD etc., if an end user (other
> than the administrator) knows the database password he can play with
> the schema objects.
>
> The administrator of one customer went to another customer who is also
> using the same product and was able to log on to the database. The
> customer complained about the associated risk. All customers'
> deployments have the same database user and password.
>
> What are the advantages/limitations of such an environment?
> What would be the best strategy to use in such cases?
>
> Some ideas:
> -------------------
> The database schema owner needs to be one user with the DBA privilege
> for the customer administrator, a separate user for the application
> with only the SELECT privilege, and a user with the DBA privilege for
> connecting using tools.
>
> Please help with your valuable inputs.
>
> Thanks & Regards,
>
> Shailesh

Oracle has a security model that seemingly has been ignored in its totality.

Start by creating a READONLY role that allows SELECT on named tables. Create another role for each level of the user hierarchy as required. I see no reason for application owners to have any CREATE privilege on an ongoing basis. If they need it ... it should be enabled for a specifically identified purpose and disabled as soon as that purpose is fulfilled.

You are playing Russian Roulette with a loaded application. Time to move your finger from the trigger to the safety.

-- 
Daniel A. Morgan
University of Washington
damorgan_at_x.washington.edu
(replace x with u to respond)
Puget Sound Oracle Users Group
www.psoug.org
Received on Mon Dec 11 2006 - 18:51:12 CST
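One way to implement the role split Daniel describes, as an added Oracle SQL example that is not from the original thread; the account, role and table names (APPOWNER, APP_RUNTIME, READONLY_APP, SCHEMA_DDL and the two tables) are assumed placeholders, and the object grants must be issued by the schema owner or an account holding GRANT ANY OBJECT PRIVILEGE.

```sql
-- Added example, not from the original thread. All names are assumed.

-- 1. A read-only role: SELECT on named tables only, nothing schema-wide.
CREATE ROLE readonly_app;
GRANT SELECT ON appowner.customers TO readonly_app;
GRANT SELECT ON appowner.orders    TO readonly_app;

-- 2. A separate account for the application's own connection.
--    It gets CREATE SESSION plus the read-only role: no DBA, no CREATE ANY.
--    The password should differ per deployment so one customer's
--    administrator cannot log on at another customer's site.
CREATE USER app_runtime IDENTIFIED BY "<unique-per-deployment-password>";
GRANT CREATE SESSION TO app_runtime;
GRANT readonly_app TO app_runtime;

-- 3. Take the standing DBA privilege away from the schema owner.
REVOKE DBA FROM appowner;
GRANT CREATE SESSION TO appowner;

-- 4. DDL privileges live in a password-protected role that is not a
--    default role, so they are off unless enabled for a specific task.
CREATE ROLE schema_ddl IDENTIFIED BY "<ddl-role-password>";
GRANT CREATE TABLE, CREATE VIEW, CREATE PROCEDURE, CREATE SEQUENCE
   TO schema_ddl;
GRANT schema_ddl TO appowner;
ALTER USER appowner DEFAULT ROLE ALL EXCEPT schema_ddl;

-- In a maintenance session, enable the role for the task, then drop it:
--   SET ROLE schema_ddl IDENTIFIED BY "<ddl-role-password>";
--   ... run the release DDL ...
--   SET ROLE NONE;

-- 5. Verify what each account can actually do after the change.
SELECT grantee, granted_role
  FROM dba_role_privs
 WHERE grantee IN ('APPOWNER', 'APP_RUNTIME');

SELECT grantee, privilege
  FROM dba_sys_privs
 WHERE grantee IN ('APPOWNER', 'APP_RUNTIME');

SELECT role, owner, table_name, privilege
  FROM role_tab_privs
 WHERE role = 'READONLY_APP';
```

The three queries at the end are the check to rerun after every release: APP_RUNTIME should show only CREATE SESSION and READONLY_APP, and READONLY_APP should list only SELECT on the named tables.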
