Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Usenet -> c.d.o.server -> Re: Storage problems with Oracle Blobs.

Re: Storage problems with Oracle Blobs.

From: Ed Prochak <edprochak_at_gmail.com>
Date: Wed, 5 Dec 2007 10:45:58 -0800 (PST)
Message-ID: <c7bbc474-024a-4c9b-a7cd-829ecc3010df@e23g2000prf.googlegroups.com> 





On Dec 5, 12:24 pm, Jon <bone..._at_gmail.com> wrote:


> On 5 Dec, 16:34, DA Morgan <damor..._at_psoug.org> wrote:

>

> > Jon wrote:

> > > When I run my software that adds rows to the table I connect with

> > > another user which has the SYSDBA role.

>

> > No user, ever, should have the SYSDBA role with the sole exception of

> > SYS. And SYS should only be used, infrequently, for those specific jobs

> > that require it's privileges.

>

> > This is not just a violation of Oracle's "Least Privileges" rule it is

> > a violation of any standard of security and governance.

>

> Just because you have been institutionalised into a big corporate

> methodology that believes in a particular practice does not mean that

> it is a defacto standard.

>



For MANY coporations it is not institutional practice, it is the law
(Sarbanes-Oxley)



>

>

> > Do yourself and your employer a big favor and learn how to manage Oracle

> > properly.

>

> If you had bothered to read my post you would have understood that I

> am trying to learn about Oracle.




Then read Daniel's post. He is giving you good information.


>

> > By posting such insanity here you give newbies the impression that what

> > you have done is acceptable: It is not.

>

> As above, if you had bothered to read my post then you would know that

> I am a "newbie" (to Oracle at least) and who are you to determine from

> your institutionalised views what is acceptable and what is not ?




Again, it's that Law thing.


For private companies, it is just good practice. You never know when
your company may go public (directly or via mergers).



[]



> > gazzag

> > Also, why do you insist on assigning the SYSDBA role to application

> > logins?

>

> @ gazzag : Thank you for taking the time to ask. I am designing some

> software that replicates database schema's between different database

> providers, I am working in a segregated environment where only I can

> access the Oracle server and client machines. Therefore I didn't need

> to spend the time understanding all of the relevant security rights

> that are needed to allow for such a piece of software to function.




Well you are a newbie to ORACLE yet decide you don't need to follow
good practices in ORACLE. This post makes it appear you do not want to
learn anything that doesn't match your preconceived views. Not a good
plan IMHO.



   Ed


Normally I do not think I am so harsh. The regular coffee in the decaf
pot this morning may have something to do with it ;^)
Received on Wed Dec 05 2007 - 12:45:58 CST












Original text of this message













  HOME |
  ASK QUESTION |
  ADD INFO |
  SEARCH |
  E-MAIL US