Well,
you can tell them "NOT" to do that. They can write scripts to monitor OS
performance, but DBA is the one to monitor DB performance. You can aslo tell
them you will be writing scripts to monitor Unix performance and probably make
some changes in files in /etc directory. If they insist on doing that,
write a message to them and cc to their manager so that they are responsible if
something bad happens to the DB.
Guang
-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]On Behalf Of Walter K
Sent: Thursday, August 28, 2003 11:34 AM
To: Multiple recipients of list ORACLE-L
Subject: How to keep "root" out?Just for grins, I'll ask this question... Is there any way to keep the Unix "root" user from logging into the database (i.e. connect internal or / as sysdba)? Currently using 8.1.7.4 on Solaris 8 here.We have a couple people in our Unix admin group that feel the need to "help" by writing their own DB monitoring scripts. Of course, they don't know what they're talking about. They do not have formal logins for the database, but since they are root users they are connecting via "connect internal". This is not only counterproductive but actually a potential security issue--just because someone has root doesn't necessarily entitle them to see the data in the database. What if it is a payroll database?So, I'm curious, is there any way to prevent access via "connect internal" or "/ as sysdba"?Thanks in advance.W
