RE: DBA Privileges and Developers
- From: "Jeremiah Wilton" <jeremiah@xxxxxxxxxxx>
- To: <Lisa.Koivu@xxxxxxxxxxxxxx>, "'oracle-l'" <oracle-l@xxxxxxxxxxxxx>
- Date: Thu, 24 Jan 2008 13:09:36 -0800
Great to have you back, Lisa. Sounds like you did a great job on that
document. Nothing works quite as well as facts. Also this is a great way
to get the heat off of the DBA for saying "no" and deflect the
responsibility for policy decisions to the business, where it belongs. I
think that many DBAs do just stand there and say 'NO NO NO', and it gets us
a reputation as obstructionists with developers and others.
Now, who's that trip-trapping over my database?
Regards,
Jeremiah Wilton
ORA-600 Consulting
http://www.ora-600.net
Koivu, Lisa wrote:
> Aahh, the age old war, granting DBA privileges? I am in it
> again up to my eyeballs. Instead of standing there and saying
> NO, NO, NO, I took the time to pull apart the DBA role and
> document in detail what a majority of the roles and system
> privileges allow a database user to do within the database and
> how some of these privileges are a direct violation of Sarbanes-
> Oxley. This document is not perfect, but it?s enough to make
> management stop and say, Wait, we can?t allow DBA privileges to
> be granted to individuals outside of an administrative role. I
> had the document blessed by our security officer.
...
--
//www.freelists.org/webpage/oracle-l
Other related posts:
