Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Usenet -> c.d.o.server -> Re: HELP! ORACLE ADVICE NEEDED ASAP!!

Re: HELP! ORACLE ADVICE NEEDED ASAP!!

From: Allen Pickel <apickel_at_us.oracle.com>
Date: Fri, 02 Jul 1999 11:46:33 -0400
Message-ID: <377CDED9.169BC457@us.oracle.com> 





Basically security as it applies to the questions you ask addresses that
warm and fuzzy feeling you have of knowing that if something goes wrong you
have done the easiest things you can do ensure recovery.



To answer your questions:



    
  
  1.   Users who have system table space as default and have been granted
privileges to create database objects, especially tables and views, may
inadvertenlty USE UP all available resources that the system may require -
not a good thing.  Your database will quit functioning due to various
errors depending on how/which resource is used up.

  
  2.   If archive logging is not turned on you risk the possibility of not
being able to recover CRITICAL data in event of a database crash or
corruption.  You need to know where the archive logs are being saved and
ensure that only trusted individuals such as your DBA have privileges to
these files to ensure they are not inadvertently
deleted/truncated/corrupted thus rendering recovery of CRITICAL data
impossible.

  
  3.   Multiple redo logs ensure data integrity and greatly increase the
possibility of recovery if disk failure occurs.  That is,  if disk A and B
store redo logs and the database goes down due to a disk crash and suppose
disk A crashes as well, disk B redo logs can be used to recover the
database to the point in time the crash occurred.






The question you have to ask - "Do I want to be responsible for losing
CRITICAL DATA due to poor security measures at the lowest level?"



For additional information read the Oracle Backup and Recovery Guide or
Server Concepts Manuals..



HTH


Allen Pickel


Oracle Support Services



heebe_at_my-deja.com wrote:



> Please help,


>


> I am conducting an Oracle security Review and have come to an impasse


> regarding the following steps:


>


> 1.  Review the script output for the USER PRIVILEGE DUMP to determine


> whether any users have been granted default tablespace of  SYSTEM.


>


> 2. Review the script output for the LOG FILE DUMP to determine whether


> the archivelog is activated for critical database files;  Review the


> script output for the PARAMETERS DUMP to determine where archive logs


> are maintained;  Determine whether archive logs are protected from


> logical access;  Determine whether a copy of the archive logs are


> maintained off-site;  Determine whether physical security over archive


> logs is maintained.


>


> 3.  Ensure that multiple Redo Logs are maintained on Different Servers.


>


> What is the risk with regard to these items?  Why do I need to worry


> about the above steps.  Any advice is appreciated!!!


>


> heebe_at_hotmail.com


>


> Sent via Deja.com http://www.deja.com/


> Share what you know. Learn what you don't.



Received on Fri Jul 02 1999 - 10:46:33 CDT












Original text of this message













  HOME |
  ASK QUESTION |
  ADD INFO |
  SEARCH |
  E-MAIL US