Re: capture oracle pwd change in 3rd party application. help needed

From: Anurag Varma <avdbi_at_hotmail.com>
Date: Sat, 08 Nov 2003 17:45:10 GMT
Message-ID: <GY9rb.5374$hB5.5102_at_nwrdny02.gnilink.net>


Daniel,
 
I think I did reply to you offline .. but not sure if the mail reached you.
 
Anyway, I realized that the email I was using to mail from this location
was wrong.
 
My email is: avdbi_at_hotmail.com
 
Anurag
"Daniel Morgan" <damorgan_at_x.washington.edu> wrote in message news:1068311431.525724_at_yasure...
Anurag Varma wrote:
 
Pete Finnigan wrote:
        My objection is that it would take me a matter of minutes to make myself an account on another
        machine on which I had no permissions. It is a hacker's delight.
    

Hi Daniel,

I think another point to make here is that we are not
implementing this but just discussing possible solutions without knowing
the application or architecture, tools, requirements etc.... I would say
that a script to synchronise password hash values should be run in a
secure manner and also would not add new accounts, just synchronise old
ones. I would also re-iterate this isn't the way to fix an issue like
this. Why does this application need to have synchronised access to two
databases? And why isn't the manufacturer involved?

kind regards

Pete
  
My personal opinion? The person asking the question is trying to crack a database.
I've never seen an application with this architecture in 34 years in the business.

I'd really like to be wrong.
-- 
Daniel Morgan
http://www.outreach.washington.edu/ext/certificates/oad/oad_crs.asp
http://www.outreach.washington.edu/ext/certificates/aoa/aoa_crs.asp
damorgan_at_x.washington.edu
(replace 'x' with a 'u' to reply)
--------------
Actually one of the databases I manage runs on an application which does
something similar (Not the synchronization .. but the way it creates application accounts ...
by creating an Oracle account). The application being Bladerunner.
If you ever get a chance .. run (really fast) away from it.
:0)
Anurag
 
I'll do that.

BTW: I've tried to email you off-line and failed. Please send me your actual email address off-line. Thanks.
-- 
Daniel Morgan
http://www.outreach.washington.edu/ext/certificates/oad/oad_crs.asp
http://www.outreach.washington.edu/ext/certificates/aoa/aoa_crs.asp
damorgan_at_x.washington.edu
(replace 'x' with a 'u' to reply)
Received on Sat Nov 08 2003 - 18:45:10 CET
