Re: Need help in Unix and Oracle's password!

In article <1993Sep29.085938.2014_at_arbi.Informatik.Uni-Oldenburg.DE> Andreas.Bartelt_at_arbi.informatik.uni-oldenburg.de (Andreas Bartelt) writes:

>dlm_at_dlogics.dlogics.com (Dave Mausner) writes:
>>jiun_at_wam.umd.edu (Jiun H. Lai) writes:
>>>Can anyone tell me how to use unix password as oracle password when...
>>...for each unix username X, create oracle username OPS$X with password Y.
>>a good choice of Y is: VALUES 'X', for example:
>> grant connect to OPS$X identified by values 'X';
>...That will generate a security problem:
>If someone spots this rule he may use any account, typing ops$x at the
>Enter user-name: and typing X at the Enter password: prompt.

No, the point of this scheme (admittedly I did not explain it) is that it stores the literal values 'X' in the dictionary where the encrypted password would normally occur. There is no enterable character string that maps to this value, no matter what value of 'X' you use. This is because the encrypter tends to generate funny characters which are not syntactically acceptable as unix or oracle usernames. Hence, no password value can match the encrypted string, and no user can access the OPS$X schema other than that one user who logs into the operating system as X. Pretty cool, yes?

--
Dave Mausner / Sr Consultant / Datalogics division of Frame Technology Inc