RE: standards

  • From: "Ellis R. Miller" <sartre1@xxxxxxxxxxx>
  • To: <oracle-l@xxxxxxxxxxxxx>
  • Date: Thu, 5 Aug 2004 03:11:48 -0600

To anyone asked to produce IT "standards" or documentation just make sure to
ask your IT Manager if he/she likes "Dukes of Hazzard," hates people who
think they are smarter than everyone else, and could just, oh, I don't know
what, to people who work too much and have too many books before you go off
trying to implement. All joking aside, if you don't know find out before you
risk your job as there is no point in trying to change the IT world when
ain't nobody this side of the Mississippi or UAW wants it changed.

For three months I wrestled with the security "dilemma" of the Oracle user,
SYS and SYSTEM, and even root, in some cases, having the eternal (unlike
James Martin it didn't expire) password "mudpie" at APS...across the entire
IT infrastructure. After being chastised for thinking too hard I resigned
and let McKesson pay for my next date with contestant number two, Steve
Wang, the Asian old school DBA the audience had chosen. Yet, before Steve
and I could even have our ninth fight and almost six weeks after I left APS,
having spent at least seven hours a day being lectured about thinking I was
smarter than everyone else for learning how to type in the 7th grade
(Christ, I never knew there were people that stupid), my former boss Al
Rodriquez, who now graces the halls of DHL in Scottsdale, AZ had former
peers from APS (Brent Killion, Mark Johnson Barbier, etc.) calling my house
and cell phone asking for the hundreds of pages of documentation I had
produced. I was even given tickets to a Diamondbacks game which I gave to
some guy who tried to sell me Middle-Eastern oil paintings the same
afternoon. In the end, NOBODY in the IT department at Palo Verde or APS
proper cared or were even concerned on May, 2002 that the security audit
findings were never implemented but they wanted that documentation they had
bought and paid for @$60/hr.

In fact, the only compliment during my three months contracting that was not
laced with a subtle threat of UAW-like violence was for some fine OEM
documentation I generated.

You go trying to implement that documentation, boy, and you gonna find some
people who don't care for your fancy, college IT standards and they ain't
afraid to show it.

Ellis

PS By the way, they never received the documentation but there was many a
late night when my wife and I sat in the coolness of the night having that
last stiff drink smiling listening to Al on my answering machine asking,
again, if I had the time to find the documentation and if not could I please
take another look (I liked to picture him in a hoop dress with red heels
scrubbing my kitchen floor while asking). In the end, I sent it to the
Office of Homeland Security for my boy Al and the crew at APS...so all of us
would have a copy.






-----Original Message-----
From: oracle-l-bounce@xxxxxxxxxxxxx
[mailto:oracle-l-bounce@xxxxxxxxxxxxx]On Behalf Of Markoen Meijerink
Sent: Thursday, August 05, 2004 12:39 AM
To: oracle-l@xxxxxxxxxxxxx
Subject: Re: standards


L.S.,

This sounds like the application of the ideas of Karl Popper: It is often
easier for Homo Sapiens to know
and to make a decision based on what you don't want. Karl has written about
more things than the
importance of falsification in science.

But being witty is not the point here:

Whether it is about database and infrastructure-standards (OFA) or about
programming-standards
(e.g. CDM):

a good standard is nothing more than a useless, 'dead' book in the closet if
you do not perform
any active checking. If you do nothing about enforcing the standards, you
can almost save you
the effort.

So if you want your oracle files being placed in
/unn/oradata/bla...bla...something then schedule a check
that checks if it is so.
And if you still want to have all your foreign keys to have an index, then
schedule a check to monitor
whether this is so.
I can give many examples of useful, sanitary checks that you should perform
at the schema, instance or
database level.
And also should keep on doing. Maybe you created the initial 10 users
correctly with the right
settings, but the 11-th user is created with e.g. "that nice feature in the
application to
'create user john identified by john' " at some later time without your
knowledge.
If this user ever gets resource privs you 'll know where the objects will
go.

The work is not the writing of the standard, the work is in the programming
of the active checking!
Find a complete standard combined with a complete tool to implement this
notion (we use one of course).
You will be far better off.

Markoen Meijerink

----- Original Message -----
From: "Mogens Nørgaard" <mln@xxxxxxxxxxxx>
To: <oracle-l@xxxxxxxxxxxxx>
Sent: Thursday, August 05, 2004 1:51 AM
Subject: Re: standards


> Splendid.
>
> And it brings me back to the very valid point Cary made to me some years
> ago when we were in Honolulu together for the OAUG - remember the one
> where Oracle pulled all financial support two weeks before the start of
> the conference?
>
> That was the beginning of the Mark Jarvis Master Plan (MJMP) to kill off
> user groups and get some real messages out to customers instead :).
>
> Anyway, Cary's point was (I think) to focus on worst practices instead
> of best practices. When you constantly look for best practices you will
> always be falling behind reality, and there will be no impetus for
> moving the bar up. If you look for worst practices (things not to do),
> then you'll learn and grow and become smarter and you can steadily add
> to the list... or just move the bar up, up and away.
>
> Mogens
>
>
>
> david wendelken wrote:
>
> > How about:
> >
> > PL/SQL Programmers who use exception blocks like this will be flogged,
then fired from their job.
> >
> > EXCEPTION
> >   WHEN OTHERS THEN
> >      NULL;
> > END;
> >
> > :)
> >
> > -----Original Message-----
> > From: David <thump@xxxxxxxxxxxxxxxx>
> > Sent: Aug 4, 2004 3:45 PM
> > To: oracle-l@xxxxxxxxxxxxx
> > Subject: standards
> >
> > I ahve been asked to write the standards for the company in terms of
> > Oracle databases.
> > I have never done anythign like that before...
> > Anyone have any pointers or skeletons or examples I could review?
> > Cheers
>
> ----------------------------------------------------------------
> Please see the official ORACLE-L FAQ: http://www.orafaq.com
> ----------------------------------------------------------------
> To unsubscribe send email to:  oracle-l-request@xxxxxxxxxxxxx
> put 'unsubscribe' in the subject line.
> --
> Archives are at //www.freelists.org/archives/oracle-l/
> FAQ is at //www.freelists.org/help/fom-serve/cache/1.html
> -----------------------------------------------------------------
>

----------------------------------------------------------------
Please see the official ORACLE-L FAQ: http://www.orafaq.com
----------------------------------------------------------------
To unsubscribe send email to:  oracle-l-request@xxxxxxxxxxxxx
put 'unsubscribe' in the subject line.
--
Archives are at //www.freelists.org/archives/oracle-l/
FAQ is at //www.freelists.org/help/fom-serve/cache/1.html
-----------------------------------------------------------------

----------------------------------------------------------------
Please see the official ORACLE-L FAQ: http://www.orafaq.com
----------------------------------------------------------------
To unsubscribe send email to:  oracle-l-request@xxxxxxxxxxxxx
put 'unsubscribe' in the subject line.
--
Archives are at //www.freelists.org/archives/oracle-l/
FAQ is at //www.freelists.org/help/fom-serve/cache/1.html
-----------------------------------------------------------------

Other related posts: