Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Usenet -> c.d.o.server -> Re: is it possible to edit archivelog files?

Re: is it possible to edit archivelog files?

From: Jim Kennedy <kennedy-family_at_attbi.com>
Date: Sun, 20 Oct 2002 08:58:17 GMT
Message-ID: <Jeus9.18633$Hj7.7477@rwcrnsc53> 





One could just edit the database files themselves.  I have a tool that
allows you to do that.  The exception , so I've been told , is that Trusted
Oracle has the data encrypted on the disk and so you would have a heck of  a
time figuring out how to edit it.  But frankly if people have access to
these files you have a larger problem. (They could just destroy the files or
issue conventional sql and add those transactions, why try and edit and
possibly damage the database.)  I am not sure a checksum would work, the
files are constantly changing and if you have a crash and have to bring it
up on the other machine then the files  would be different.



I think you need to consider physical security to the machines and the
access to the files themselves; that would seem to be the proper place to
worry about spoofing or fraud in this example.



Jim



"Wijbrand Pauw" <w.pauw_at_xs4all.nl> wrote in message
news:Xns92AD6DC30E3ECwpauwxs4allnl_at_194.109.6.74...


> Hi,

>

> I work at al large bank and we want to get on Unix-Oracle the highest

> possible classification on availability and integrety.

>

> You all know the expressions that one fool can ask more questions than 100

> wise man can answer, well than our security officer is a fool.....

>

> He now wants to know if it is possible to edit/change an archivelogfile

and


> then apply it to an standby database.

> We are doing a checksum on the files on the production and standby machine

> before applying, for what that's worth.

> He wants to know because he wants to be very sure that someone can't fake

a


> disaster on production, going to the standby database, bringing it up and

> there are for example new financial transactions (there will be over

> $50.000.000.000,- transferred every day) which weren't in the orignal

> production environment (that one is for example completly destroyed).

>

>

> I know that this sounds perhaps a bit silly or overdone but they want to

> know.

> So is there a chance that someone can hack the archivelog files and the

file


> still be accepted by the standby database?

>

> Can you think of other potential dangers of changing the standby database

> without being noticed (of course the database will remain in standby mode

> but it is also used in ready only)?

>

> Thanks for your reply!

>

> Regards,

>

> Wijbrand

Received on Sun Oct 20 2002 - 03:58:17 CDT












Original text of this message













  HOME |
  ASK QUESTION |
  ADD INFO |
  SEARCH |
  E-MAIL US