Keeping the wallet to a different server does not necessarily mean it is to make it safer. It could be for centralized handling as LDAP indicates. On Sat, 16 Dec 2006 00:00:02 +0100, "Alberto Dell'Era" <alberto.dellera@xxxxxxxxx> said: > On 12/15/06, GovindanK <gkatteri@xxxxxxxxxxx> wrote: > > Good reference. But even Tom Kyte's followup does not shedding any light > > on how to keep the wallet on a diff. server. > > I think the point was "don't do that" :) > That is, moving the wallet on a different server doesn't add much to > security - if my guess is correct, breaking the columns is several > orders of magnitude easier than breaking the wallet. > So an attacker would not even bother to examine the wallet; > why breaking Fort Knox to retrieve the keys of a small home vault ? > Hammer the vault instead. > > But I hope that some security expert will chime in ... -- //www.freelists.org/webpage/oracle-l