Re: Fw: OT - Getting fired for database oops

From: Jared Still <jkstill_at_gmail.com>
Date: Mon, 25 May 2009 08:45:40 -0700
Message-ID: <bf46380905250845j57bdaf36tb514be94eac2fe22_at_mail.gmail.com>



On Sat, May 23, 2009 at 10:42 AM, Andre van Winssen <dreveewee_at_gmail.com> wrote:

> And protect/audit your login.sql and glogin.sql (on the oracle server side
> in particular) otherwise some bad person might inject "grant dba to public"
> into it without you noticing it :-)
>

I wonder how much of a threat that actually is?

In the case of glogin.sql, probably not much, as anyone with the ability to modify that file can already log on as sysdba.

login.sql could be vulnerable, however, if you are lax with your home security settings. (Check your umask.)

Jared Still
Certifiable Oracle DBA and Part Time Perl Evangelist

--
http://www.freelists.org/webpage/oracle-l
Received on Mon May 25 2009 - 10:45:40 CDT
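
One way to run the audit discussed in this thread, as an added example that is not part of either poster's message: a POSIX shell check for write access to login.sql/glogin.sql, for a parent directory that lets others replace the file, and for the umask. The function names and the statement-matching pattern are assumptions made for illustration; pass the paths of your own profile scripts as arguments.

```shell
#!/bin/sh
# Added example: audit SQL*Plus profile scripts (login.sql, glogin.sql).
# Function names and the grep heuristic are hypothetical, not Oracle tooling.

# Print the octal permission bits of a path (GNU stat, then BSD stat).
perm_bits() {
    stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1"
}

# Return 0 when the current umask removes group and other write access.
umask_is_safe() {
    [ $(( 0$(umask) & 022 )) -eq $(( 022 )) ]
}

# Audit one profile script. Prints findings, returns 1 if any were found.
audit_profile() {
    f=$1; rc=0
    [ -f "$f" ] || { echo "SKIP $f: not found"; return 0; }

    # 1. The file itself must not be writable by group or others.
    mode=$(perm_bits "$f")
    if [ $(( 0$mode & 022 )) -ne 0 ]; then
        echo "WARN $f: mode $mode is group/world writable"; rc=1
    fi

    # 2. A writable, non-sticky directory lets others replace the file.
    d=$(dirname "$f"); dmode=$(perm_bits "$d")
    if [ $(( 0$dmode & 022 )) -ne 0 ] && [ $(( 0$dmode & 01000 )) -eq 0 ]; then
        echo "WARN $d: directory mode $dmode allows replacing $f"; rc=1
    fi

    # 3. Heuristic: a profile script should only hold SET-style commands,
    #    so flag privilege or DDL statements such as "grant dba to public".
    if grep -inE '^[[:space:]]*(grant|alter|create|drop)[[:space:]]' "$f"; then
        echo "WARN $f: contains privilege/DDL statements (lines above)"; rc=1
    fi
    return $rc
}

# Stand-alone use: audit every path given on the command line.
umask_is_safe || echo "WARN umask $(umask) leaves new files group/world writable"
for p in "$@"; do
    audit_profile "$p" || true
done
```

Running it from cron and diffing the output against the previous run gives a cheap change alert for these files.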
