| Oracle FAQ | Your Portal to the Oracle Knowledge Grid | |
 |
 | |||
| Oracle FAQ | Your Portal to the Oracle Knowledge Grid | |
|
| |||
Home -> Community -> Mailing Lists -> Oracle-L -> Re: Security audit of Oracle databases
On Apr 11, 2005 4:33 PM, stephen booth <stephenbooth.uk_at_gmail.com> wrote:
>
> On Apr 11, 2005 4:15 PM, rachel carmichael <wisernet100_at_gmail.com> wrote:
> > snipped except for relevant passage to pass the overquoting rule.....
>
> > not necessarily a problem, at least not on Unix/Linux systems --
> > sysadmin logs in as root and does an "su - oracle" (or the name of the
> > Oracle binaries owner)...... then does
> >
> > connect / as sysdba
> >
> > and can reset whatever passwords are needed.
> >
>
> I would love to work in a UNIX/Linux only environment, love to.
> Unfortunately hetrogenous environments persist and we have people
> putting databases on Windows boxes and putting those Windows boxes in
> distant datacentres behind firewalls that don't let VNC, PCAnywhere or
> any of the other things that will let us get a remote console session
> on the box. Sometimes those datacentres and staffed by people who
> don't have any common language with us.
That's true enough, though I can't see why folk wouldn't put *nix boxes behind firewalls that didn't allow remote access either...
On windows of course you can always run any executable under different credentials, if you are an administrator, but then to be blunt it makes sense for dbas to be admins on windows boxes anyway.
-- Niall Litchfield Oracle DBA http://www.niall.litchfield.dial.pipex.com -- http://www.freelists.org/webpage/oracle-lReceived on Tue Apr 12 2005 - 09:22:29 CDT
 |
 |