Re: How to Forbid sqlplus connecting to ORACLE

Ganesh Raja wrote:

> Actually Tom [http://asktom.oacle.com] came out with a hole in this method.
> If you rename the Executable name and Run it. U go in with sqlplus.
>
> --
> HTH
>
> Regards,
> Ganesh R
>
> "James Williams" <willjamu_at_mindspring.com> wrote in message
> news:3ef259be.7274405_at_nntp.mindspring.com...
> > On Wed, 18 Jun 2003 15:50:16 +0800, "Grant" <goddabao_at_yahoo.com>
> > wrote:
> >
> >
> > You can use Logon Triggers if your program's use DBMS_APPLICATION_INFO
> > to register the app in the program field of v$session. That way you
> > can stop anything that comes through that does not match your program.
> > You also need logic to allow the Oracle processes to work.
> >
> > >Hi,
> > >
> > >Does anyone know how to forbid sqlplus connecting to ORACLE Server?
> > >I don't want somebody using my DB Server via sqlplus in Client, and I
> will
> > >only permit the user using svrmgrl on the Host.
> > >
> > >The ORACLE Server version is 8.1.7 (another is 8.1.5), running on
> Solaris.
> > >
> > >Thanks
> > >Best Regards,
> > >
> > >Grant
> > >
> > >
> >

It is a hole only if you advertise how you are catching those that try to circumvent it.

If the first time someone tries they are caught, hauled before management, and threatened with dismissal the next time they do it ... it won't happen again.

And no one need ever know how they were caught so no circumvention is possible.

Security measures should be enforced ... not advertised.

--
Daniel Morgan
http://www.outreach.washington.edu/extinfo/certprog/oad/oad_crs.asp
damorgan_at_x.washington.edu
(replace 'x' with a 'u' to reply)