DBA Privileges and Developers
- From: "Koivu, Lisa" <Lisa.Koivu@xxxxxxxxxxxxxx>
- To: "oracle-l" <oracle-l@xxxxxxxxxxxxx>
- Date: Thu, 24 Jan 2008 14:34:51 -0500
Hello all,
Aahh, the age old war, granting DBA privileges... I am in it again up
to my eyeballs. Instead of standing there and saying NO, NO, NO, I took
the time to pull apart the DBA role and document in detail what a
majority of the roles and system privileges allow a database user to do
within the database and how some of these privileges are a direct
violation of Sarbanes-Oxley. This document is not perfect, but it's
enough to make management stop and say, Wait, we can't allow DBA
privileges to be granted to individuals outside of an administrative
role. I had the document blessed by our security officer.
I am willing to share this document with anyone who may find this kind
of information useful. If you'd like a copy, please email me directly.
I finally have posting privilege on the list now. I'd like to say THANK
YOU to everyone, some of whose names I recognize from years ago, for
continued lively discussion and thought provoking Q&A. I am so thrilled
to be a dba working on Solaris again, to have a REAL system that I can
use to test out some of the ideas being discussed by some of the
brightest people I've had the privilege to, well, kind of "know".
Have a great day everyone!
Lisa Koivu
Oracle Database Administrator
desk: 407-903-4691
cell: 954-683-4459
This electronic message transmission contains information from the Company that
may be proprietary, confidential and/or privileged.
The information is intended only for the use of the individual(s) or entity
named above. If you are not the intended recipient, be
aware that any disclosure, copying or distribution or use of the contents of
this information is prohibited. If you have received
this electronic transmission in error, please notify the sender immediately by
replying to the address listed in the "From:" field.
Other related posts:
