Home » RDBMS Server » Server Administration » Set Password for SYS
Set Password for SYS [message #245284] Fri, 15 June 2007 14:07 Go to next message
Koolwant
Messages: 49
Registered: June 2007
Location: new jersey
Member
Hi Proffesionals

I want to give a password to SYS
Can somebody help me out.

[ora_usr@oracle-dev admin]$ sqlplus

SQL*Plus: Release 10.1.0.3.0 - Production on Fri Jun 15 14:38:26 2007

Copyright (c) 1982, 2004, Oracle. All rights reserved.

Enter user-name: sys as sysdba
Enter password:(no password OR any password)

Connected to:
Oracle Database 10g Enterprise Edition Release 10.1.0.3.0 - Production
With the Partitioning, OLAP and Data Mining options

SQL>


thanks in advance

koolwant

Report message to a moderator

Re: Set Password for SYS [message #245285 is a reply to message #245284] Fri, 15 June 2007 14:27 Go to previous messageGo to next message
evoradba
Messages: 144
Registered: April 2005
Location: Canada
Senior Member
sqlplus '/as sysdba'

alter user sys identified by whateverpassyoulike;

Report message to a moderator

Re: Set Password for SYS [message #245287 is a reply to message #245284] Fri, 15 June 2007 14:34 Go to previous messageGo to next message
Koolwant
Messages: 49
Registered: June 2007
Location: new jersey
Member
yes i did that but even then you dont need any password to enter into DB.

Report message to a moderator

Re: Set Password for SYS [message #245289 is a reply to message #245287] Fri, 15 June 2007 14:37 Go to previous messageGo to next message
Michel Cadot
Messages: 68718
Registered: March 2007
Location: Saint-Maur, France, https...
Senior Member
Account Moderator
You don't need a password to connect "as sysdba" if you are in the osdba group (most often "dba").
If you are in this group password is even not checked.

Regards
Michel

Report message to a moderator

Re: Set Password for SYS [message #245291 is a reply to message #245284] Fri, 15 June 2007 14:39 Go to previous messageGo to next message
BlackSwan
Messages: 26766
Registered: January 2009
Location: SoCal
Senior Member
With free advice you get what you paid for it sometimes.
User "oracle" will always be able to connect to the DB when logged directly to the DB server itself.
The security/protection is done/maintained at the OS level.

Report message to a moderator

Re: Set Password for SYS [message #245296 is a reply to message #245284] Fri, 15 June 2007 14:45 Go to previous messageGo to next message
Koolwant
Messages: 49
Registered: June 2007
Location: new jersey
Member
Hey Michel and anacedent
Thanks for Your reply.

I do understand that you dont need any password to enter into DB, when you fall into dba group.

But still i want to assign a meaningfull password to SYS Because If somebody knows OS users username/password, then he can easily connect to Oracle as SYS AS SYSDBA.Its like i feel like kind of unsecured and want to give a password to SYS
Is there any way that i can do that.
Thanks

&

Regards

[Updated on: Fri, 15 June 2007 14:47]

Report message to a moderator

Re: Set Password for SYS [message #245302 is a reply to message #245296] Fri, 15 June 2007 15:08 Go to previous messageGo to next message
joy_division
Messages: 4963
Registered: February 2005
Location: East Coast USA
Senior Member
Unfortunately the response you are going to get is:

Well, then don't allow regular users to get the username and password for the oracle user.

and if your response is that what happens if they do, then we'll come back once again and say that you are not doing a good job of protecting that information.

It's really not an issue with proper security protocol.

Report message to a moderator

Re: Set Password for SYS [message #245303 is a reply to message #245284] Fri, 15 June 2007 15:20 Go to previous messageGo to next message
Koolwant
Messages: 49
Registered: June 2007
Location: new jersey
Member
Hey Joy

Thanks for your time.

So in a nutshell

If the user is in dba group or is os authenticated then he can login SYS AS SYSDBA .

It means SYSDBA is unsecured from SYSADMIN or SYSADMIN is more powerfull than SYSDBA.

Regards

Report message to a moderator

Re: Set Password for SYS [message #245304 is a reply to message #245303] Fri, 15 June 2007 15:30 Go to previous messageGo to next message
Michel Cadot
Messages: 68718
Registered: March 2007
Location: Saint-Maur, France, https...
Senior Member
Account Moderator
Quote:
If the user is in dba group or is os authenticated then he can login SYS AS SYSDBA .

Only if it is in dba group.

Database is ALWAYS unsecure from sysadmin as sysadmin can connect root and destroy all databases files or copy and dump them.

dba group is like root user for system, you don't give it to anyone but database owner (most often "oracle" user).
Any other DBA must give a password to connect "as sysdba".
Use a password file.

If you want more Oracle security. Use Database Vault then noone can connect "/ as sysdba" (that is without a password). It means you have many $$$.

Regards
Michel

Report message to a moderator

Re: Set Password for SYS [message #245308 is a reply to message #245284] Fri, 15 June 2007 15:43 Go to previous message
Koolwant
Messages: 49
Registered: June 2007
Location: new jersey
Member
Thanks michel

That answers my question.

thanks again for clearing my doubt.

still We(DBA's ) should do something for more getting more security. As SYSADMIN'S Can Threat us any time .....JUST KIDDING..

Regards

kool

Report message to a moderator

Previous Topic: problems with oracle 10 on linux after reboot
Next Topic: Grant Select Permission
Goto Forum:
  

[ Syndicate this forum (XML) ] [ RSS ]

Current Time: Mon Dec 02 12:24:29 CST 2024
.:: Forum Home :: Blogger Home :: Wiki Home :: Contact :: Privacy ::.