Oracle FAQ Your Portal to the Oracle Knowledge Grid

Home -> Community -> Usenet -> c.d.o.server -> Re: Storage problems with Oracle Blobs.

Re: Storage problems with Oracle Blobs.

From: Ed Prochak <>
Date: Wed, 5 Dec 2007 10:45:58 -0800 (PST)
Message-ID: <>

On Dec 5, 12:24 pm, Jon <> wrote:
> On 5 Dec, 16:34, DA Morgan <> wrote:
> > Jon wrote:
> > > When I run my software that adds rows to the table I connect with
> > > another user which has the SYSDBA role.
> > No user, ever, should have the SYSDBA role with the sole exception of
> > SYS. And SYS should only be used, infrequently, for those specific jobs
> > that require it's privileges.
> > This is not just a violation of Oracle's "Least Privileges" rule it is
> > a violation of any standard of security and governance.
> Just because you have been institutionalised into a big corporate
> methodology that believes in a particular practice does not mean that
> it is a defacto standard.

For MANY coporations it is not institutional practice, it is the law (Sarbanes-Oxley)

> > Do yourself and your employer a big favor and learn how to manage Oracle
> > properly.
> If you had bothered to read my post you would have understood that I
> am trying to learn about Oracle.

Then read Daniel's post. He is giving you good information.
> > By posting such insanity here you give newbies the impression that what
> > you have done is acceptable: It is not.
> As above, if you had bothered to read my post then you would know that
> I am a "newbie" (to Oracle at least) and who are you to determine from
> your institutionalised views what is acceptable and what is not ?

Again, it's that Law thing.
For private companies, it is just good practice. You never know when your company may go public (directly or via mergers).


> > gazzag
> > Also, why do you insist on assigning the SYSDBA role to application
> > logins?
> @ gazzag : Thank you for taking the time to ask. I am designing some
> software that replicates database schema's between different database
> providers, I am working in a segregated environment where only I can
> access the Oracle server and client machines. Therefore I didn't need
> to spend the time understanding all of the relevant security rights
> that are needed to allow for such a piece of software to function.

Well you are a newbie to ORACLE yet decide you don't need to follow good practices in ORACLE. This post makes it appear you do not want to learn anything that doesn't match your preconceived views. Not a good plan IMHO.

Normally I do not think I am so harsh. The regular coffee in the decaf pot this morning may have something to do with it ;^) Received on Wed Dec 05 2007 - 12:45:58 CST

Original text of this message