Re: How do you audit a DBA?
Dave,
Your question is somewhat puzzling. Anyone with DBA privileges can get to any table they want, since the DBA role contains the 'select any table', 'update any table', 'delete any table', and 'insert any table' system privileges. You would not require the sys or system passwords to accomplish that task. Is the person asking the question suspicious of one person or all of the DBAs at your site? At any rate, it would be best to audit all activity against the tables in question and then filter the data after the fact. This is somewhat more important since a trigger cannot catch a select, but database auditing can. Also, if it's a DBA who is questionable, he/she would have access to empty out the sys.aud$ table of any activity they created.
Dick Goulet
____________________Reply Separator____________________
Author: Dave Leach <Dave.Leach_at_claybrook.co.uk>
Date: 8/23/2001 7:56 AM
Anyone who can help,
I've been asked if Oracle can somehow audit the DBA, i.e. raise an alert if the DBA were to execute DML statements against sensitive tables; this assumes the DBA has the SYS password. I thought this was a pretty reasonable question but couldn't think of an answer. My trail of thought was maybe an email alert to a designated member of staff sent via a trigger on the table.
Any comments would be very much appreciated.
Dave Leach
Fat City Network Services -- (858) 538-5051 FAX: (858) 538-5051 San Diego, California -- Public Internet access / Mailing Lists --------------------------------------------------------------------To REMOVE yourself from this mailing list, send an E-Mail message to: ListGuru_at_fatcity.com (note EXACT spelling of 'ListGuru') and in the message BODY, include a line containing: UNSUB ORACLE-L (or the name of mailing list you want to be removed from). You may also send the HELP command for other information (like subscribing).
Received on Thu Aug 23 2001 - 10:59:10 CDT
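The approach described in the reply above (audit all access to the table, filter afterwards, and watch the audit table itself), as an added example that is not part of the original thread. The table name hr.salaries is hypothetical, and the example assumes the instance runs with the AUDIT_TRAIL initialization parameter set to DB so that records land in SYS.AUD$.

```sql
-- Added example; HR.SALARIES is a hypothetical sensitive table.
-- Assumes AUDIT_TRAIL=DB, so audit records are written to SYS.AUD$.

-- 1. Record every statement against the table, one row per access.
--    Unlike a trigger, object auditing also captures SELECT.
AUDIT SELECT, INSERT, UPDATE, DELETE ON hr.salaries BY ACCESS;

-- 2. Audit changes to the audit trail itself, so that emptying
--    SYS.AUD$ leaves a record of who did it.
AUDIT INSERT, UPDATE, DELETE ON sys.aud$ BY ACCESS;

-- 3. Filter after the fact: activity on the table by accounts
--    that hold the DBA role.
SELECT t.timestamp,
       t.username,
       t.os_username,
       t.userhost,
       t.action_name
FROM   dba_audit_trail t
WHERE  t.owner    = 'HR'
AND    t.obj_name = 'SALARIES'
AND    t.username IN (SELECT grantee
                      FROM   dba_role_privs
                      WHERE  granted_role = 'DBA')
ORDER  BY t.timestamp;

-- 4. Look for tampering with the audit trail.
SELECT t.timestamp,
       t.username,
       t.os_username,
       t.userhost,
       t.action_name
FROM   dba_audit_trail t
WHERE  t.owner    = 'SYS'
AND    t.obj_name = 'AUD$'
ORDER  BY t.timestamp;
```

Standard auditing does not record statements issued in a session connected as SYS, so this covers named accounts holding the DBA role. Copying the filtered rows on a schedule to a location the DBAs cannot write to limits what emptying SYS.AUD$ can hide.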