Re: need better security with SQL*Net and ORASRV

From: <sstephen_at_us.oracle.com>
Date: Sat, 31 Oct 1992 20:31:42 GMT
Message-ID: <1992Oct31.123142.1_at_us.oracle.com>


In article <1992Oct29.181750.1_at_bbs.mdcbbs.com>, suskind_at_bbs.mdcbbs.com writes:
> I have a system running Oracle that has an ORASRV process running.
> My users that have local accounts also have OPS$ accounts so they
> can get automatic logins.
>
> My problem is with the ORASRV process running I cannot prevent (at
> least so far) ANY user from ANY other system running Oracle from gaining
> access to MY system's Oracle via SQL*Net. The ORASRV process allows
> access to OPS$J user accounts on other system is the username is the
> same.

Yeah, try "orasrv opsoff", check your orasrv documentation for details. You can also allow "dbaon" and "dbaoff".

>
> Is there a way to set up a trusted access like can be done with RSH
> and RLOGIN via a file?

That's a weakness of TCP/IP. Some vendors may supply such controls, but it's not part of the standard.

> +---------------------------------------------------------------------+
> Barry A. Suskind Internet: suskind%melpar_at_uunet.uu.net
> MaBell: 703-560-5000x2348 UUCP: uunet!melpar!suskind
> E-Systems / Melpar Division 7700 Arlington Blvd, Falls Church, VA 22046
> JSNM Just Stark Naked Magic
>

-- 

================================================================================
Scott Stephens				inet:	sstephen.us.oracle.com
Oracle WorldWide Support                Redwood City, California
Received on Sat Oct 31 1992 - 21:31:42 CET

Original text of this message