RE: Connecting as sysdba
- From: "Zeng, Lei" <LZeng@xxxxxxxx>
- To: <oracle-l@xxxxxxxxxxxxx>
- Date: Wed, 16 Jun 2004 12:07:30 -0400
Is your database using OS authentication?
When a member of Unix 'dba' group logged in, could you try 'show user'
command in sqlplus to see what is showing up?
If it shows as 'sys', it is automatically granted sysdba.
Lei
_____
From: Catherine LeBlanc [mailto:cleblan2@xxxxxxxxxxxxxxxx]
Sent: Tuesday, June 15, 2004 8:22 PM
To: oracle-l@xxxxxxxxxxxxx
Subject: RE: Connecting as sysdba
I believe you do not need to have sysdba granted explicitly to a user if
they are logged into the database server as a UNIX user that is a member
of UNIX dba (sysdba) group. In this case you can connect as sysdba even
if your oracle user account doesn't show up in v$pwfile_users. I have
tested this because I have a similar problem in that I want to prevent
programmers logged into our UNIX application software owner account from
connecting as sysdba. I have not figured out how to do this, and I
cannot easily change the application software owner account. Ideas
anyone?
Catherine LeBlanc
At 01:00 PM 6/1/2004, Zeng, Lei wrote:
To my knowledge, for a user account to be able to 'connect as
sysdba',
it needs to be granted 'SYSDBA' privilege (use 'GRANT SYSDBA to
USER'
command). To check which user account is currently having SYSDBA
privilege, query table v$PWFILE_USERS .
Lei
-----Original Message-----
From: syed jaffar hussain [mailto:sjaffarhussain@xxxxxxxxxxx]
Sent: Sunday, May 30, 2004 9:57 AM
To: oracle-l@xxxxxxxxxxxxx
Subject: Connecting as sysdba
Hello list,
I have noticed onething, when I logon to my UNIX as oracle user,
I am
able to connect to the database as sysdba from any database
user.
Sqlplus /nolog
Connect user_1/password as sysdba;
I want to prevent all DB users, except sys, to connect as
sysdba. How
can I do it? I tried to change the remote_login_passwordfile
values but
vain.
Is this expected behaviour or do I have to change anything in
the
init.ora file?
Regds
Jaffar
----------------------------------------------------------------
Please see the official ORACLE-L FAQ: http://www.orafaq.com
<http://www.orafaq.com/>
----------------------------------------------------------------
To unsubscribe send email to: oracle-l-request@xxxxxxxxxxxxx
put
'unsubscribe' in the subject line.
--
Archives are at //www.freelists.org/archives/oracle-l/
FAQ is at //www.freelists.org/help/fom-serve/cache/1.html
-----------------------------------------------------------------
----------------------------------------------------------------
Please see the official ORACLE-L FAQ: http://www.orafaq.com
<http://www.orafaq.com/>
----------------------------------------------------------------
To unsubscribe send email to: oracle-l-request@xxxxxxxxxxxxx
put 'unsubscribe' in the subject line.
--
Archives are at //www.freelists.org/archives/oracle-l/
FAQ is at //www.freelists.org/help/fom-serve/cache/1.html
-----------------------------------------------------------------
---------------------------------------------------------------- Please
see the official ORACLE-L FAQ: http://www.orafaq.com
---------------------------------------------------------------- To
unsubscribe send email to: oracle-l-request@xxxxxxxxxxxxx put
'unsubscribe' in the subject line. -- Archives are at
//www.freelists.org/archives/oracle-l/ FAQ is at
//www.freelists.org/help/fom-serve/cache/1.html
-----------------------------------------------------------------
Other related posts:
