| Remote authentication with SAP and Oracle - Please Help [message #63679] |
Wed, 27 October 2004 07:35  |
Shelina
Messages: 1
Registered: October 2004
|
Junior Member |
|
|
|
I have a security related question as it relates to Oracle and SAP functionality. The "remote_os_auth" parameter must be set to TRUE if used in an SAP environment. Are there any mitigating controls if this has to be set? Thanks.
|
|
|
|
| Re: Remote authentication with SAP and Oracle - Please Help [message #63680 is a reply to message #63679] |
Wed, 27 October 2004 08:34  |
 |
Mahesh Rajendran
Messages: 10708
Registered: March 2002
Location: oracleDocoVille
|
Senior Member
Account Moderator |
|
|
read somewhere
<quote>
When using host-based authentication you want to make sure that the host can be trusted. The remote_os_auth parameter should be set to 'false' (the default) unless application requirements dictate otherwise, e.g. SAP, to assure that the local host, and not just any host on the network, is the one being trusted.Setting this parameter to 'true' represents a significant security risk.
Note:In an SAP environment, the database machine must be protected by network and system-level mechanisms to prevent unauthorized privileged access.
</end quote>
|
|
|
|
] 
Blog
Search
Help
Members
Register
Login
Home
