Re: need better security with SQL*Net and ORASRV

From: Rick Wessman <rwessman_at_prodhp.us.oracle.com>
Date: Tue, 3 Nov 1992 15:32:26 GMT
Message-ID: <RWESSMAN.92Nov3073226_at_prodhp.us.oracle.com>

In article <1992Nov3.041014.29016_at_cmutual.com.au> aaj_at_cmutual.com.au (Tony Jambu) writes:

   Path: oracle!uunet!spool.mu.edu!olivea!sgigate!sgiblab!munnari.oz.au!yarrina.connect.com.au!cmutual.com.au!aaj    From: aaj_at_cmutual.com.au (Tony Jambu)    Newsgroups: comp.databases.oracle
   Date: 3 Nov 92 04:10:14 GMT
   Organization: Colonial Mutual Group
   Lines: 66

> In article <1992Nov2.135623.18274_at_cs.umb.edu>, pytlik_at_ra.cs.umb.edu (Marek
> Pytlik) writes:
> With Oracle 7/SQL*Net V2, you have to connect to the database before your are
> allowed to carry out any DBA commands in SQLDBA eg startup or shutdown. This
> fix up a small security hole with the current version of SQL*Net.

That's right.

> You are not not allowed to connect internal thru' SQL*Net if you are not on the
> host machine no matter what your orasrv DBAON/DBAOFF setting is (V7/Net V2).
In the production version of ORACLE7, this will not be true. It will be possible to connect remotely but only if the DBA allows it.

					Rick Wessman
					rwessman_at_us.oracle.com
--
                                            Rick Wessman
                                            rwessman_at_us.oracle.com

Received on Tue Nov 03 1992 - 16:32:26 CET

This message: [ Message body ]
Next message: John Peach: "Re: Corruption error in ORACLE 6.0.36.3"
Previous message: Nelson Baird: "Re: oodb <-> rdb"
In reply to Tony Jambu: "Re: need better security with SQL*Net and ORASRV"
Next in thread: John Peach: "Re: Corruption error in ORACLE 6.0.36.3"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ]

Original text of this message