Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Usenet -> c.d.o.server -> Re: Help: database security

Re: Help: database security

From: PD <pavel.drs_at_anfdata.cz>
Date: Thu, 23 Nov 2000 12:23:04 +0100
Message-ID: <8viuno$ebj$1@scesie13.sie.siemens.at> 






This is definitely not a good security concept to hardcode the password into
the application.



The best solution is to change this approach. You can also define a role for
the application and enable/disable this when the application is started. A
default privilege fo a user should be just CREATE SESSION.



Pavel




Wilko <Wilko_at_yoa.com> pí¹e v diskusním
pøíspìvku:8vi893$hh315_at_inetbws1.citec.com.au...


> Hi All,

>

> I want to stop programmers being able to log into

> the production database and making changes.

>

> How can I keep the login/password secret when

> it is hard coded into the API that connects to the

> database.

>

> I know don't hard code it. But what is the alternative?

>

>

> Thanks,

> Chris

Received on Thu Nov 23 2000 - 05:23:04 CST












Original text of this message













  HOME |
  ASK QUESTION |
  ADD INFO |
  SEARCH |
  E-MAIL US