Re: Does this happen to you at work?

  • From: stephen booth <stephenbooth.uk@xxxxxxxxx>
  • To: Jared Still <jkstill@xxxxxxxxx>
  • Date: Tue, 10 May 2005 20:29:38 +0100

On 5/10/05, Jared Still <jkstill@xxxxxxxxx> wrote:
>
> On 5/10/05, stephen booth <stephenbooth.uk@xxxxxxxxx> wrote:
> > I'm currently in the process of putting together a standards document
> > for Oracle databases and am including a passage stating that databases
> > shall have meaningful names relating to their purpose.
>
>  Why is that better than meaningless names?
>
>  Consider a database hosting 3 different unrelated applications.

Whilst I wouldn't go so far as to say that we would never have such a
database, it would be very unlikely.  Far more likely would be three
different instances (and associated databases)  on the same box, each
instance named for the application it hosted.  Should that situation
arise we would make a decision as to how to deal with it.

>  Meaningful names can also be considered a security risk,
>  just as they are with servers.
>

Security through obscurity, what you're talking about there, is really
overrated.  If you're remotely competent about general network
security (firewalls, federation &c) then the depth of penetration a
cracker would have to get where your database names being meaningful
would be an issue would mean they'd almost certainly be in a position
to put packet sniffers on your network and keystroke loggers on your
desktops.  Why do they need to worry about working out your database
names when they can watch your users type in their passwords and
follow the packets to their destination?

Of course if your network and desktop security is good then you're on
the lookout for anomalies that would indicate sniffing and your
desktops are locked down enough to minimise the chance of a keystroke
logger being successfully installed and to make it obvious if one is.

Your biggest security hole is the people who use your systems, and
they already know how to get onto your systems.

Also what would be meaningful to me and my colleagues might be utterly
incomprehensible to an outsider.  As Mike Schmitt said, they have to
be meaningful to the people who need to know, not to everyone.

Stephen

--
It's better to ask a silly question than to make a silly assumption.
--
//www.freelists.org/webpage/oracle-l
