Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Usenet -> c.d.o.server -> Re: Alert log

Re: Alert log

From: Mark D Powell <Mark.Powell_at_eds.com>
Date: 22 Jul 2004 08:05:21 -0700
Message-ID: <2687bb95.0407220705.561c35f2@posting.google.com> 





"Christian Antognini" <christian.antognini_at_trivadis.com> wrote in message news:<40ff6c50_at_post.usenet.com>...


> **** Post for FREE via your newsreader at post.usenet.com ****

> 

> Hi Burt

> 

> > Only DBAs should be allowed to login to the server.

> >

> > But, I could see the DBA copying a session trace (udump) to some place

> > outside the server if a Developer wants to run tkprof on a traced session.

> 

> I'll never understand why DBA don't consider to give read only accounts to

> access the files under udump and bdump!!! It makes live easier for both, the

> DBA and the developer...

> 

> Chris

> 




Chris, trace files can and often do contain sensitive data (when bind
variable traces are in effect).  Allowing wide open access to the
trace directories is a security hole and an audit hit if your firm has
competent auditors.



HTH -- Mark D Powell --
Received on Thu Jul 22 2004 - 10:05:21 CDT












Original text of this message













  HOME |
  ASK QUESTION |
  ADD INFO |
  SEARCH |
  E-MAIL US