Yes, it's windoze NT 4.0.
-----Original Message-----
Sent: Wednesday, July 25, 2001 5:01 PM
To: Multiple recipients of list ORACLE-L
Dave,
What's the platform? NT?
Jared
"Farnsworth, Dave"
<DFarnsworth@Ashleyfurn To: Multiple
recipients of list ORACLE-L <[EMAIL PROTECTED]>
iture.com> cc:
Sent by: Subject: strt<SID>.cmd
security hole??
[EMAIL PROTECTED]
07/25/01 01:47 PM
Please respond to
ORACLE-L
I inherited an Oracle 7.3.4 database that nobody knew the internal password
for. So I was doing some research on metalink and came across an article
that mentioned the strt<SID>.cmd file would have the password. I was
amazed
to open up this file and see the unencrypted password for internal. I then
check my 8.0.5 database and the same thing. Then I checked my 8.1.7
database and it was not there. Did this gaping security hole disappear in
the 8i database? I sure hope so.
Both the 7.3.4 and 8.0.5 have the remote_login_passwordfile init paramater
set to SHARED, whereas my 8.1.7 is set to EXCLUSIVE. I don't know if this
has something to do with it.
Thanks,
Dave
--
Please see the official ORACLE-L FAQ: http://www.orafaq.com
--
Author: Farnsworth, Dave
INET: [EMAIL PROTECTED]
Fat City Network Services -- (858) 538-5051 FAX: (858) 538-5051
San Diego, California -- Public Internet access / Mailing Lists
--------------------------------------------------------------------
To REMOVE yourself from this mailing list, send an E-Mail message
to: [EMAIL PROTECTED] (note EXACT spelling of 'ListGuru') and in
the message BODY, include a line containing: UNSUB ORACLE-L
(or the name of mailing list you want to be removed from). You may
also send the HELP command for other information (like subscribing).
--
Please see the official ORACLE-L FAQ: http://www.orafaq.com
--
Author:
INET: [EMAIL PROTECTED]
Fat City Network Services -- (858) 538-5051 FAX: (858) 538-5051
San Diego, California -- Public Internet access / Mailing Lists
--------------------------------------------------------------------
To REMOVE yourself from this mailing list, send an E-Mail message
to: [EMAIL PROTECTED] (note EXACT spelling of 'ListGuru') and in
the message BODY, include a line containing: UNSUB ORACLE-L
(or the name of mailing list you want to be removed from). You may
also send the HELP command for other information (like subscribing).
--
Please see the official ORACLE-L FAQ: http://www.orafaq.com
--
Author: Farnsworth, Dave
INET: [EMAIL PROTECTED]
Fat City Network Services -- (858) 538-5051 FAX: (858) 538-5051
San Diego, California -- Public Internet access / Mailing Lists
--------------------------------------------------------------------
To REMOVE yourself from this mailing list, send an E-Mail message
to: [EMAIL PROTECTED] (note EXACT spelling of 'ListGuru') and in
the message BODY, include a line containing: UNSUB ORACLE-L
(or the name of mailing list you want to be removed from). You may
also send the HELP command for other information (like subscribing).
