RE: DBA Privileges and Developers - a thank you.

I forgot to add one note.  

 

I must publicly thank Jared Still for the showpriv.sql script that he
gave me many years ago.  This script is the only database tool I use in
that doc, and I still use it daily.  

 

THANK YOU JARED!

 

 

________________________________

From: oracle-l-bounce@xxxxxxxxxxxxx
[mailto:oracle-l-bounce@xxxxxxxxxxxxx] On Behalf Of Koivu, Lisa
Sent: Thursday, January 24, 2008 2:35 PM
To: oracle-l
Subject: DBA Privileges and Developers

 

Hello all,

 

Aahh, the age old war, granting DBA privileges...  I am in it again up
to my eyeballs.  Instead of standing there and saying NO, NO, NO, I took
the time to pull apart the DBA role and document in detail what a
majority of the roles and system privileges allow a database user to do
within the database and how some of these privileges are a direct
violation of Sarbanes-Oxley.  This document is not perfect, but it's
enough to make management stop and say, Wait, we can't allow DBA
privileges to be granted to individuals outside of an administrative
role.  I had the document blessed by our security officer. 

 

I am willing to share this document with anyone who may find this kind
of information useful.  If you'd like a copy, please email me directly. 

 

I finally have posting privilege on the list now.  I'd like to say THANK
YOU to everyone, some of whose names I recognize from years ago, for
continued lively discussion and thought provoking Q&A.  I am so thrilled
to be a dba working on Solaris again, to have a REAL system that I can
use to test out some of the ideas being discussed by some of the
brightest people I've had the privilege to, well, kind of "know".  

 

Have a great day everyone!

 

Lisa Koivu

Oracle Database Administrator

desk: 407-903-4691

cell: 954-683-4459

 


This electronic message transmission contains information from the
Company that may be proprietary, confidential and/or privileged. The
information is intended only for the use of the individual(s) or entity
named above. If you are not the intended recipient, be aware that any
disclosure, copying or distribution or use of the contents of this
information is prohibited. If you have received this electronic
transmission in error, please notify the sender immediately by replying
to the address listed in the "From:" field. 



This electronic message transmission contains information from the Company that 
may be proprietary, confidential and/or privileged. 
The information is intended only for the use of the individual(s) or entity 
named above.  If you are not the intended recipient, be 
aware that any disclosure, copying or distribution or use of the contents of 
this information is prohibited.  If you have received 
this electronic transmission in error, please notify the sender immediately by 
replying to the address listed in the "From:" field. 

Other related posts: