Oracle FAQ Your Portal to the Oracle Knowledge Grid

Re: file permission problem - 10g client on solaris

From: Adam <Safier_at_gmail.com>
Date: Mon, 23 Jul 2007 23:09:00 -0000
Message-ID: <1185232140.852061.71590@o61g2000hsh.googlegroups.com>


On Jul 23, 4:24 am, sybrandb <sybra..._at_gmail.com> wrote:
> On Jul 23, 2:09 am, DA Morgan <damor..._at_psoug.org> wrote:
>
> > sybra..._at_hccnet.nl wrote:
> > > On Sun, 22 Jul 2007 07:58:35 -0700, DA Morgan <damor..._at_psoug.org>
> > > wrote:
>
> > >> There is no reason anyone other than the unix user oracle should
> > >> be directly accessing executables on the server unless the object is to
> > >> compromise system security and render any reasonable interpretation of
> > >> auditing moot.
>
> > > Actually it is just the opposite. Forcing Unix users to use oracle or
> > > to su to oracle poses a security risk. We had an issue once where
> > > 'someone' deleted the passwordfile and the init.ora of several
> > > databases. Only the unix user oracle could access the database.
> > > *Everyone* knew the password.
>
> > My point exactly. There are only two people who should ever be able to
> > access an Oracle server ... the operating system SA and the DBA. Thus
> > no one else needs access to anything on the machine except via SQL*NET
> > or a secure and tested interface.
>
> > If an organization is sloppy with respect to who has the userid/pwd
> > for either the root or oracle then they deserve what they get. Changing
> > permission of operating system files will not save anyone from flagrant
> > stupidity: Firing those that share passwords will.
> > --
> > Daniel A. Morgan
> > University of Washington
> > damor..._at_x.washington.edu (replace x with u to respond)
> > Puget Sound Oracle Users Groupwww.psoug.org
>
> You are still not getting it. Is it my English? What I'm trying to
> explain is there are situations where multiple administrators are
> unavoidable (one reason for that is that no one works 7 x 24).
> Using the oracle account for normal administration is dangerous and
> even Oracle warns against this in the documentation. The obvious
> reason for this is the oracle account is, *without* changing any
> permission, capable of deleting any oracle file.
> This is why you shouldn't use oracle to administer the database, and
> you definitely shouldn't allow telnet or ssh access to oracle.
> Preferably you shouldn't allow everyone to su to oracle. Yet in my
> situation this is unavoidable. Because if I don't allow this I will
> need to maintain the system 365 (or 366) times 7 times 24 hours per
> year.
> As SYSDBA operations are audited, it is actually advantageous to have
> multiple accounts: it allows you to put blame.
>
> --
> Sybrand Bakker
> Senior Oracle DBA

Basic security principles say grant specific rights to perform specific actions and no more. Yes, it takes a little more work and planning. That's why DBAs get paid the big bucks.

Adam

Received on Mon Jul 23 2007 - 18:09:00 CDT
