Re: Security audit of Oracle databases
- From: stephen booth <stephenbooth.uk@xxxxxxxxx>
- To: wisernet100@xxxxxxxxx
- Date: Mon, 11 Apr 2005 16:33:26 +0100
On Apr 11, 2005 4:15 PM, rachel carmichael <wisernet100@xxxxxxxxx> wrote:
> snipped except for relevant passage to pass the overquoting rule.....
> not necessarily a problem, at least not on Unix/Linux systems --
> sysadmin logs in as root and does an "su - oracle" (or the name of the
> Oracle binaries owner)...... then does
>
> connect / as sysdba
>
> and can reset whatever passwords are needed.
>
I would love to work in a UNIX/Linux only environment, love to.
Unfortunately hetrogenous environments persist and we have people
putting databases on Windows boxes and putting those Windows boxes in
distant datacentres behind firewalls that don't let VNC, PCAnywhere or
any of the other things that will let us get a remote console session
on the box. Sometimes those datacentres and staffed by people who
don't have any common language with us.
Plus there's the other situation that seems to keep occuring where the
DBA and SA are the same person. IME small sites often have one
DBA/SA, if they're unavailable then the company have problems. Even
not so small sites can be dangerously short staffed in specialist
fields. Where I currently work there are 50,000 employees, 500 of
whom are in IT. Out of that 500 there is 1 DBA, 2 UNIX SAs and a
partial DBA. A total of 2 people, me and another guy. If I'm off he
can cover most of the day-to-day Oracle stuff and if he's off I can
cover most of the UNIX stuff. If we both were incommunicado for an
extended period then our enployer would be in deep do-do.
Stephen
--
It's better to ask a silly question than to make a silly assumption.
--
//www.freelists.org/webpage/oracle-l
Other related posts:
