I'm thinking malicious thoughts.=20 Security?? ... SECURITY!!! Henry -----Original Message----- From: oracle-l-bounce@xxxxxxxxxxxxx = [mailto:oracle-l-bounce@xxxxxxxxxxxxx] On Behalf Of William B Ferguson Sent: Monday, January 24, 2005 11:49 AM To: oracle-l@xxxxxxxxxxxxx Subject: RE: audit suggestion What could they do to the database with cron that they couldn't already = =3D do with the PL/SQL built-in packages that's malicious? Access to cron is merely a convenience for administrative-type tasks, = =3D like moving archive logs, etc. If somebody wanted to schedule malicious code = =3D to be run, it would better to utilize the built-in packages to execute it, = =3D so the SA's or anybody else, wouldn't discover it until it was to late. Your auditors failed to understand Oracle, and the advanced aspects of computers. I'm surprised they didn't apply the same logic to the = keyboards, restricting access to those so the DBA's don't run malicious code. ------------------------------------------------------------ Bill Ferguson U.S. Geological Survey - Minerals Information Team PO Box 25046, MS-750 Denver, Colorado 80225 Voice (303)236-8747 ext. 321 Fax (303)236-4208 ~ Think on a grand scale, start to implement on a small scale ~ -----Original Message----- From: oracle-l-bounce@xxxxxxxxxxxxx =3D = [mailto:oracle-l-bounce@xxxxxxxxxxxxx] On Behalf Of rjamya@xxxxxxxxx Sent: Monday, January 24, 2005 9:24 AM To: KATHERINE_KAYLOR@xxxxxxxxxx Cc: oracle-l@xxxxxxxxxxxxx Subject: Re: audit suggestion At some point you have to trust your DBA, if that is not present, you = =3D have bigger problems than cron jobs. auditors lack humor, so don't tell them = =3D I said so. so, if DBA's cannot run it, then unix SA's should run the cron jobs? If = so, do you completely trust your SA? BTW, to heck with cronjob, use = dbms_job, if you want you can still do the damage using dbms_job. Raj -- //www.freelists.org/webpage/oracle-l -- //www.freelists.org/webpage/oracle-l -- //www.freelists.org/webpage/oracle-l