Re: OPS$LOGIN :security hole?

From: Bailey Bob <p228_at_uni05.larc.nasa.gov>
Date: 16 Dec 1992 21:47:45 GMT
Message-ID: <1go861INN4hv_at_rave.larc.nasa.gov>

In article <8aT=R#A_at_engin.umich.edu> lwk_at_engin.umich.edu (Lewis W Kellum) writes:
>
>Here's another question: If I know Mr.Schow's unix login id, and the internet
>hostname of his Oracle server, what keeps me from creating his login id
>on my host and connecting to his ops$ oracle account? - Woody Kellum

The only way the ops$ account works without a password is when you are directly logged into the host server at the OS level. If you connect to the host via SQL*Net, the RDBMS will require entry of the password.

Bob Bailey Received on Wed Dec 16 1992 - 22:47:45 CET

This message: [ Message body ]
Next message: Dale Cook: "Re: OPS$LOGIN :security hole?"
In reply to Lewis W Kellum: "OPS$LOGIN :security hole?"
Next in thread: Dale Cook: "Re: OPS$LOGIN :security hole?"
Reply: Mark McGloughlin: "Re: OPS$LOGIN : security hole?"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ]

Original text of this message