Re: ops$ logins from both secure and nonsecure clients with same username

From: Ed Bruce <bruce_at_ha.hac.com>
Date: 1996/08/02
Message-ID: <3201DB27.EEC_at_ha.hac.com>#1/1

Mark Citron wrote:
>
> I dont think that is what I am asking. I just want to know how Oracle
> knows whether whether my client system is secure or not. If it believes
> it is secure it should let me login. If is believes it is not it should
> ask for a password. How does it know what windows is not secure?
>

I've been looking into this myself and according to the Oracle documentation they say don't use ops$ logins if you have clients on non-secure systems. The reason is users on Windows machines can set their id to anything and therefore can get into your system without a password.

So the answer is Oracle doesn't know or differentiate between secure and non-secure systems if you enable ops$ style logins.

Ed Bruce
Systems Engineer - DBA
Hughes Aircraft Company
bruce_at_ha.hac.com Received on Fri Aug 02 1996 - 00:00:00 CEST

This message: [ Message body ]
Next message: Robert W. Swisshelm: "Re: ops$ logins from both secure and nonsecure clients with same username"
Previous message: Brian P. Mac Lean: "Re: How to find out what version of Oracle you have ?"
Maybe in reply to: Mark Citron: "ops$ logins from both secure and nonsecure clients with same username"
In reply to Mark Citron: "Re: ops$ logins from both secure and nonsecure clients with same username"
Next in thread: Robert W. Swisshelm: "Re: ops$ logins from both secure and nonsecure clients with same username"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ]

Original text of this message