Oh yeah! I've got one even better! When I joined a previous company, their
*Web-accessible* application's administration username/password was
admin/admin! Their production Oracle DB - accessed via the admin/admin
"protected" app - had system/manager and mps/mps (mps stands for Main
Production Schema), plus all the usual default schemas like ctxsys/ctxsys...
Needless to say, I closed those holes pretty quickly!
Jack
--------------------------------
Jack C. Applewhite
Database Administrator/Developer
OCP Oracle8 DBA
iNetProfit, Inc.
Austin, Texas
www.iNetProfit.com
[EMAIL PROTECTED]
(512)327-9068
-----Original Message-----
Carmichael
Sent: Wednesday, July 18, 2001 11:13 AM
To: Multiple recipients of list ORACLE-L
I would doubt he's joking. I've had simular experiences....
transferred to another department within the same company. Get a call from
my old boss "our dba is out sick, we HAVE to have this done today, this is a
highly secured system you have to help and make the changes from this pc"
I go there, cannot log into the database with the username and password he
gives me. We call the dba (who was really sick), apologize and ask for the
username and password -- same as what I had. Still does not work. I stop,
think and say "let me try something"
and log in as system/manager
I do what they ask me to, then take my old boss aside and explain (gently)
that he has a security hole in his "highly secured" system that I could
drive a truck through.
--
Please see the official ORACLE-L FAQ: http://www.orafaq.com
--
Author: Jack C. Applewhite
INET: [EMAIL PROTECTED]
Fat City Network Services -- (858) 538-5051 FAX: (858) 538-5051
San Diego, California -- Public Internet access / Mailing Lists
--------------------------------------------------------------------
To REMOVE yourself from this mailing list, send an E-Mail message
to: [EMAIL PROTECTED] (note EXACT spelling of 'ListGuru') and in
the message BODY, include a line containing: UNSUB ORACLE-L
(or the name of mailing list you want to be removed from). You may
also send the HELP command for other information (like subscribing).
