Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Mailing Lists -> Oracle-L -> impressed with OUI/dbca 2.0 security features

impressed with OUI/dbca 2.0 security features

From: Paul Drake <paled_at_home.com>
Date: Mon, 24 Sep 2001 23:37:35 -0700
Message-ID: <F001.0039742F.20010924235052@fatcity.com> 






Hi.



I noticed when using the dbca included with OUI 2.0 as part of the
9.0.1.1 release for Win32


that there is a password editing screen that actually locks the oracle
app_owner schemas such as CTXSYS, MDSYS, ORDSYS, and gives the user a
very convenient way to change the privileged account passwords during
the install.



I'd just like to say that this is the same mentality that had made
OpenBSD a great distribution for building bastion hosts/firewalls -
secure by default - at installation time. Someone at Oracle deserves
kudos for locking those accounts that used to be granted DBA and left
with an account the same as the username.



Back to my network intrusion book ...



Paul


-- 



Please see the official ORACLE-L FAQ: http://www.orafaq.com


-- 



Author: Paul Drake


  INET: paled_at_home.com


Fat City Network Services    -- (858) 538-5051  FAX: (858) 538-5051
San Diego, California        -- Public Internet access / Mailing Lists
--------------------------------------------------------------------


To REMOVE yourself from this mailing list, send an E-Mail message
to: ListGuru_at_fatcity.com (note EXACT spelling of 'ListGuru') and in
the message BODY, include a line containing: UNSUB ORACLE-L
(or the name of mailing list you want to be removed from).  You may
also send the HELP command for other information (like subscribing).
Received on Tue Sep 25 2001 - 01:37:35 CDT












Original text of this message













  HOME |
  ASK QUESTION |
  ADD INFO |
  SEARCH |
  E-MAIL US