Facetious, but correct. What you need
is auditing. Not clipping userids.
Achieves nothing.
Cheers
Nuno Souto
[EMAIL PROTECTED]
- Original Message -
> What I was saying is that having a different username for each DBA helps you
> identify the WHOM. Of course a hacker
could always cut kno
> -Original Message-
> Nuno Pinto do Souto
>
> I don't want to know that SYSTEM or SOUTON with a subset
> of its rights stuffed up my database or exported my main accounts
> and clients tables. What I want to know is WHY, WHEN, HOW and
> by WHOM.
What I was saying is that having a diffe
-Original Message-
Sent: Thursday, November 13, 2003 10:49 PM
To: Multiple recipients of list ORACLE-L
>Stopping someone from using a given set of accounts achieves preciously
>nothing in terms of security (or auditing) IF the functionality of those >accounts
>is then replicated to ot
> Arup Nanda <[EMAIL PROTECTED]> wrote:
> I'm not sure that's what the OP wanted. He wanted to know if stopping
> use of
> SYS and SYSTEM on a regular basis will be acceptable, not "disable"
> them. It
> sure is.
> Besides, how does one disable the account? Lock it? SYSTEM can be
> locked but
> SYS
Nuno Pinto do Souto" <[EMAIL PROTECTED]> wrote:
> And that's why I feel disabling SYS or SYSTEM purely on
> "security" grounds makes no sense whatsoever
I'm not sure that's what the OP wanted. He wanted to know if stopping use of
SYS and SYSTEM on a regular basis will be acceptable, not "disable"
> Jacques Kilchoer <[EMAIL PROTECTED]> wrote:
> In my case I also enforce the "don't sign on as SYS/SYSTEM" rule. The
> reasons I do that:
> - The default tablespace for SYS is SYSTEM, and I don't like to
> change that. There are probably reasons why you wouldn't want to
> change that. But when I s
> -Original Message-
> Nuno Pinto do Souto
>
> Fact is: an admin user MUST have access to an admin
> privileged account.
> Call it whatever you want, root or role, who cares.
In my case I also enforce the "don't sign on as SYS/SYSTEM" rule. The reasons I do
that:
- The default tablespace
> Arup Nanda <[EMAIL PROTECTED]> wrote:
>
> Whoa! That came out pretty strong :)
Fed-up with these new-fangled security "experts" popping
up all over the place. Pretty soon we'll have another marketing
driven lot of bullshit going round. With the usual crap associated with it.
Next "big thing",