Re: Password file timestamp

• From: Ram Raman <veeeraman@xxxxxxxxx>
• To: Jared Still <jkstill@xxxxxxxxx>
• Date: Tue, 21 Jul 2009 13:27:01 -0500

Yes I tested it out. What I was talking about convincing was that password
file getting updated when non DBA users change passwords.  Hope the auditors
are not too technical.



On Tue, Jul 21, 2009 at 1:13 PM, Jared Still <jkstill@xxxxxxxxx> wrote:

> It's simple to prove.
> ls -l pwdfile
> change a password
> ls -l pwdfile
>
> The timestamp will change
>
> Jared Still
> Certifiable Oracle DBA and Part Time Perl Evangelist
>
>
>
>   On Tue, Jul 21, 2009 at 9:29 AM, Ram Raman <veeeraman@xxxxxxxxx> wrote:
>
>> Thanks George. That seems to be the case. Hope we can sell that to our
>> auditors.
>>
>>
>>
>> On Tue, Jul 21, 2009 at 2:08 AM, Johnson, George 
>> <George.Johnson@xxxxxxx>wrote:
>>
>>>      I have noticed under our Solaris versions 9205, 10 and 11 that if
>>> you change the password of any user, irrespective of SYSDBA grant or not,
>>> the password file gets "touched" and the file timestamp is updated. I have
>>> only observed this on our systems and my Linux test box. Creation of user
>>> doesn't seem to trigger it, but subsequently changing the password does,
>>> even if the user has no grants at all, not even create session.
>>>
>>> Here's a sample from a 10.2.0.3:
>>>
>>>
>>> BANNER
>>> ----------------------------------------------------------------
>>> Oracle Database 10g Enterprise Edition Release 10.2.0.3.0 - 64bi
>>> SQL> select name from v$database;
>>>
>>> NAME
>>> ---------
>>> LDND2
>>>
>>> SQL> !ls -ltr orapwLDND2
>>> -rw-r-----   1 oracle   dba         3584 Jul 21 08:02 orapwLDND2
>>>
>>> SQL> select to_char(sysdate, 'dd-mon-yyyy hh24:mi') from dual;
>>>
>>> TO_CHAR(SYSDATE,'
>>> -----------------
>>> 21-jul-2009 08:04
>>>
>>> SQL> create user gxj3 identified by fred;
>>>
>>> User created.
>>>
>>>  SQL> select * from v$pwfile_users where username = 'GXJ3';
>>>
>>> no rows selected
>>> SQL> !ls -ltr orapwLDND2
>>> -rw-r-----   1 oracle   dba         3584 Jul 21 08:02 orapwLDND2
>>>
>>> SQL> alter user gxj3 identified by fred;
>>>
>>> User altered.
>>>
>>>  SQL> select to_char(sysdate, 'dd-mon-yyyy hh24:mi') from dual;
>>>
>>> TO_CHAR(SYSDATE,'
>>> -----------------
>>> 21-jul-2009 08:04
>>>
>>> SQL> !ls -ltr orapwLDND2
>>> -rw-r-----   1 oracle   dba         3584 Jul 21 08:04 orapwLDND2
>>>
>>>
>>>     Rgds
>>>
>>>  ------------------------------
>>> *From:* oracle-l-bounce@xxxxxxxxxxxxx [mailto:
>>> oracle-l-bounce@xxxxxxxxxxxxx] *On Behalf Of *Ram Raman
>>> *Sent:* 21 July 2009 03:00
>>> *To:* Jared Still
>>> *Cc:* ORACLE-L
>>> *Subject:* Re: Password file timestamp
>>>
>>>   Thanks Jared.
>>>
>>> We do not execute those commands. It still has changes to the files.
>>> This happens with most prodcution databases. I realize that password file
>>> has information about sysdba users, entries and the password.
>>>
>>> On Mon, Jul 20, 2009 at 7:34 PM, Jared Still <jkstill@xxxxxxxxx> wrote:
>>>
>>>> GRANT|REVOKE SYSDBA|SYSOPER to <USER> would do it.
>>>> Jared Still
>>>> Certifiable Oracle DBA and Part Time Perl Evangelist
>>>>
>>>>
>>>>
>>>>  On Mon, Jul 20, 2009 at 4:47 PM, Ram Raman <veeeraman@xxxxxxxxx>wrote:
>>>>
>>>>>
>>>>> Listers,
>>>>>
>>>>> We have auditing enabled via a third party software and one of the
>>>>> things they are auditing is $OH/dbs/passwordfiles. The password files seem
>>>>> to get updated and it shows up in the audit reports.
>>>>>
>>>>> I am trying to research on what is causing it, but have been
>>>>> unsuccessful. I came across this one, which does not seem to answer the
>>>>> question:
>>>>> http://asktom.oracle.com/pls/asktom/f/f?p=100:11:0::::P11_QUESTION_ID:2318668671089
>>>>> .
>>>>> I tried creating a test user and locking and unlocking that user, but
>>>>> the password file timestamp did not change in the test case. I tried a 
>>>>> user
>>>>> with DBA privs, that did not change it either.
>>>>>
>>>>> Anyone knows what causes the update of the password files when we dont
>>>>> change the passwords.
>>>>>
>>>>> Version is 10.2.
>>>>>
>>>>> Ram.
>>>>>
>>>>>
>>>>
>>>>
>>>
>>> * *
>>>
>>> Please consider the environment before printing
>>>
>>> *
>>> ********************************************************************************************
>>> *
>>>
>>> This message contains confidential information and is intended only for
>>> the individual or entity named. If you are not the named addressee you
>>> should not disseminate, distribute or copy this email.
>>>
>>> Please notify the sender immediately by e-mail if you have received this
>>> e-mail by mistake and delete this e-mail from your system. E-mail
>>> transmission cannot be guaranteed to be secure or error-free as information
>>> could be intercepted, corrupted, lost, destroyed, arrive late or incomplete,
>>> or contain viruses. The sender therefore does not accept liability for any
>>> errors or omissions in the contents of this message which arise as a result
>>> of e-mail transmission. If verification is required please request a
>>> hard-copy version. This message is provided for informational purposes and
>>> should not be construed as an invitation or offer to buy or sell any
>>> securities or related financial instruments. GAM operates in many
>>> jurisdictions and is regulated or licensed in those jurisdictions as
>>> required.
>>>
>>> To the extent this email has been sent to you by any GAM company
>>> domiciled in the EU, being GAM (U.K.) Limited, GAM Sterling Management
>>> Limited, GAM International Management Limited, GAM London Limited, GAM Fund
>>> Management Limited, or GAM Fonds Marketing GmbH i.L., please note the
>>> following details in respect of each such company: - GAM (U.K.) Limited (a
>>> company limited by shares and registered in England and Wales with company
>>> number 01664573); - GAM Sterling Management Limited (a company limited by
>>> shares and registered in England and Wales with company number 01750352); -
>>> GAM International Management Limited (a company limited by shares and
>>> registered in England and Wales with company number 01802911); - GAM London
>>> Limited (a company limited by shares and registered in England and Wales
>>> with company number with Company Number 00874802) Each of Registered Office:
>>> 12 St. James's Place, London, SW1A 1NX
>>>
>>> GAM Sterling Management Limited, GAM International Management Limited and
>>> GAM London Limited are each authorised and regulated by the Financial
>>> Services Authority. GAM Fund Management Limited (a company limited by shares
>>> and registered in Ireland with no. 156828) of Registered Office: George's
>>> Court 54-62 Townsend Street Dublin 2, Ireland
>>>
>>> GAM Fonds Marketing GmbH, i.L. (a company limited by shares and
>>> registered in Germany under No. HRB 66857) of Friedrichstrasse 154, D-10117
>>> Berlin, Germany. The competent Commercial Register is “Amtsgericht
>>> Charlottenburg“ in Berlin. Liquidator: Daniel Durrer.
>>>
>>
>>
>

• References:
  • Re: Password file timestamp
    • From: Ram Raman
  • RE: Password file timestamp
    • From: Johnson, George
  • Re: Password file timestamp
    • From: Ram Raman
  • Re: Password file timestamp
    • From: Jared Still

Other related posts:

• » Password file timestamp- Ram Raman
• » Re: Password file timestamp- Jared Still
• » Re: Password file timestamp- Ram Raman
• » RE: Password file timestamp- Johnson, George
• » Re: Password file timestamp- Ram Raman
• » Re: Password file timestamp- Jared Still
• » Re: Password file timestamp - Ram Raman

1. Home
2. oracle-l
3. Archive
4. 07-2009

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---